Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Copy headers across redirects #131

Merged
merged 1 commit into from
Oct 2, 2024
Merged

Copy headers across redirects #131

merged 1 commit into from
Oct 2, 2024

Conversation

germsvel
Copy link
Owner

@germsvel germsvel commented Sep 30, 2024
edited
Loading

Resolves #126

What changed?

In order to emulate browser behavior a little bit better, we want to copy headers across redirects.

Whenever we dispatch to the endpoint, the Phoenix.ConnTest.recycle/2 automatically gets called. But by default it only recycles "accept", "accept-language", and "authorization".

This commit calls it manually copying all request headers.

For more, see docs on
https://hexdocs.pm/phoenix/Phoenix.ConnTest.html#recycle/2

Recycling receives a connection and returns a new connection,
containing cookies and relevant information from the given one.

This emulates behaviour performed by browsers where cookies returned
in the response are available in following requests.

By default, only the headers "accept", "accept-language", and
"authorization" are recycled. However, a custom set of headers can be specified by passing a list of strings representing its names as the second argument of the function.

Note recycle/1 is automatically invoked when dispatching to the
endpoint, unless the connection has already been recycled.

Need to check the following:

  • Redirect on visit
  • Redirect when following links
  • Redirect when following form submissions

@germsvel
Copy headers across redirects
14c2014 
What changed?
=============

In order to emulate browser behavior better, we want to copy headers
across redirects.

Whenever we dispatch to the endpoint, `Phoenix.ConnTest.recycle/2`
automatically gets called. But by default it only recycles "accept",
"accept-language", and "authorization".

This commit adds calls to `recycle/2` where we manually copying all
request headers.

For more, see [recycle/2 docs]:

```
  Recycling receives a connection and returns a new connection,
  containing cookies and relevant information from the given one.

  This emulates behaviour performed by browsers where cookies returned
  in the response are available in following requests.

  By default, only the headers "accept", "accept-language", and
  "authorization" are recycled. However, a custom set of headers can be
  specified by passing a list of strings representing its names as the
  second argument of the function.

  Note recycle/1 is automatically invoked when dispatching to the
  endpoint, unless the connection has already been recycled.
```

[recycle/2 docs]: https://hexdocs.pm/phoenix/Phoenix.ConnTest.html#recycle/2
@germsvel
Copy link
Owner Author

germsvel commented Oct 2, 2024

I wanted to make sure it wasn't unsafe to copy all the headers.

For posterity's sake, I think we're okay following these rules (snatched them from a friend):

  • If POST 301 or POST 302, do not copy any headers
  • If non-GET 303, do not copy any headers
  • If redirecting to a different domain than the initial request, copy all headers EXCEPT Authorization
  • Otherwise, copy all headers

Since we don't really handle 301s or 302s, I don't think we need to worry about that. I don't think people are redirecting to different domains (since we're presumably testing internal apps), so I don't think the issue of Authorization is a big deal.

So, I think we're okay copying all the headers for now.

I also gave Capybara (a Ruby library that has rack-test which is similar to Phoenix.ConnTest) a look to see how they'd handled this in the past. I found this issue (teamcapybara/capybara#464) which was resolved in this commit (teamcapybara/capybara@33b1a27) which I think basically agrees that it's fine to copy headers.

@germsvel germsvel merged commit 7ad8cb1 into main Oct 2, 2024
3 checks passed
@germsvel germsvel deleted the preserve-headers branch October 2, 2024 19:50
@joeytrapp
Copy link
Contributor

Thank you for looking into this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Proposal: copy request headers from initial conn into redirect/navigate conn
2 participants
@germsvel @joeytrapp