Created by: RidgeA
mergeCookie options allow to merge set-cookie header form passed request object and from a target response
Test added. Documentation updated.
Use Case:
In the project, I'm working on currently, we are using Express-Gateway (https://github.com/ExpressGateway/express-gateway) as a single entry point for a set of microservices.
Express-Gateway uses http-proxy when proxeing requests to a destination service.
In the gateway we have to setup a cookie with CSRF token.
But some endpoints of our microservices setups it's own cookies and in this case all cookies, that has been setuped in gateway wipes out by cookies from a microservice response.
Raw example:
"use strict";
const http = require("http");
const httpProxy = require("http-proxy");
const proxy = httpProxy.createProxyServer({});
const gateway = http.createServer((req, res) => {
res.setHeader('set-cookie', ["gateway=true; Path=/"]);
proxy.web(req, res, {target: "http://localhost:3002"});
});
gateway.listen(3003);
const backend = http.createServer((req, res) => {
res.setHeader("set-cookie", ["backend=true; Path=/", "another_backend_cookie=true; Path=/"]);
res.end("OK");
});
backend.listen(3002);Curl:
$ curl -v http://localhost:3003
* Rebuilt URL to: http://localhost:3003/
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 3003 (#0)
> GET / HTTP/1.1
> Host: localhost:3003
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 200 OK
< set-cookie: backend=true; Path=/
< set-cookie: another_backend_cookie=true; Path=/
< date: Mon, 14 Jan 2019 12:24:27 GMT
< connection: close
< content-length: 2
<
* Closing connection 0
OKBy this pull-request I want to add one more option that will instruct proxy-server to merge set-cookie header instead of overwriting it.
Existing behaviour remains the same.