RESTClient icon indicating copy to clipboard operation
RESTClient copied to clipboard

Published 20 hours ago verified publisher icon chao

HttpOnly cookie not shown in cURL command

Open mrkvon opened this issue 6 years ago • 0 comments

Issue

Generated cURL command doesn't include a Cookie header with authentication cookie. Therefore the curl command won't work on protected endpoints as is.

Detail

When I request an authentication cookie from a server via RestClient, it doesn't show a Set-Cookie header in the response headers. The cookie is set anyways, because the following requests to protected endpoints will pass. The generated cURL command doesn't include the Cookie header. (i.e. -H 'Cookie:jwt=eyJh...; Path=/; HttpOnly') Setting the cookie header manually fails with error Request header "Cookie" is blocked by XMLHttpRequest for security reasons.

Expected behavior

The cookie is included as a part of a cURL command. Requests via (cURL command generated by RESTClient) and (RESTClient itself) have consistent responses.

Version of RESTClient

3.0.7

Related issues

#194 #308

mrkvon avatar Oct 04 '18 23:10 mrkvon