Mishandled Cookies in AWS Lambda integration #14335
Description
Environment
- Operating System:
Darwin - Node Version:
v18.2.0 - Nuxt Version:
3.0.0-rc.5 - Package Manager:
[email protected] - Builder:
vite - User Config:
runtimeConfig,typescript,modules,buildModules,nitro - Runtime Modules:
[email protected] - Build Modules:
@pinia/[email protected]
Reproduction
try to parse incoming cookies (must be a Cookie header containing multiple values) with UseCookie in the lambda handler
It will find the first cookie and put the rest of the string as a value
Describe the bug
In the aws-lambda deployment setting in aws-lambda.mjs in the handler function, there is this line:
if ("cookies" in event && event.cookies) {
event.headers.cookie = event.cookies.join(",");
}
I guess you are trying to rebuild the Cookie header string content from the API Gateway incoming request headers.
However in the Cookie specification , each value is separated by a ";" and not a ",".
This behaviour causes the cookies to be wrongly parsed which can cause lots of problems to any apps
To fix the bug, I simply changed the snippet above to:
if ("cookies" in event && event.cookies) {
event.headers.cookie = event.cookies.join(";"); // Notice the semicolon as a the join parameter
}
Additional context
No response
Logs
No response