This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
The Google Cloud Community will be in read-only from July 16 - July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Copying headers in RaiseFault policy breaks set-cookie headers in response

Posted on 11-30-2016 09:22 AM
Not applicable
Reply posted on --/--/---- --:-- AM

When `<FaultResponse><Copy><Headers>` is used in a raisefault policy in order to copy response headers from the source to the error message, set-cookie headers are broken when they have an `expires` directive containing a comma (e.g. 'expires=Fri, 30-Dec-16 16:23:42 GMT;').

These are the headers sent from the target:

Set-Cookie: A=B; expires=Sun, 29-Jan-2017 17:04:37 GMT; Path=/
Set-Cookie: C=D; expires=Fri, 27-Jan-2017 17:04:37 GMT; Path=/
Set-Cookie: E=F; expires=Wed, 25-Jan-2017 17:04:37 GMT; Path=/

But when these set-cookie headers are copied as described above, they are returned in the response like this:

Set-Cookie: A=B; expires=Sun
Set-Cookie: 29-Jan-2017 17:04:37 GMT; Path=/
Set-Cookie: C=D; expires=Fri
Set-Cookie: 27-Jan-2017 17:04:37 GMT; Path=/
Set-Cookie: E=F; expires=Wed
Set-Cookie: 25-Jan-2017 17:04:37 GMT; Path=/

This seems to be related to the way the apigee platform breaks set-cookie headers as has been documented in the following posts:

https://community.apigee.com/questions/6587/modify-set-cookie-header-addchange-in-javascript.html

https://community.apigee.com/questions/1908/question-about-accessing-all-set-cookie-values-fro.html

Is there any way to work around this apigee bug?

0 3 237
Topic Labels
0 Likes
3 REPLIES 3
Top Solution Authors
View all