http-proxy-middleware icon indicating copy to clipboard operation
http-proxy-middleware copied to clipboard

Published 20 hours ago verified publisher icon chimurai

The Cookie header is not being included in the redirected address.

Open alpgul opened this issue 1 year ago • 2 comments

Checks

Describe the bug (be clear and concise)

The "Cookie" header is not automatically added to the redirected address.

Step-by-step reproduction instructions

When I inspected the requests with Burp, the redirected address was not receiving the "Cookie" header. However, when I changed the user agent, the user agent was indeed changing.

Expected behavior (be clear and concise)

The addition of the "Cookie" header to the redirected address.

How is http-proxy-middleware used in your project?

pnpm i http-proxy-middleware

What http-proxy-middleware configuration are you using?

`const proxy=createProxyMiddleware({
  target: 'https://www.example.com/',
  changeOrigin: true,
  agent,
  autoRewrite: true ,
  followRedirects: true,
  selfHandleResponse: true,
  headers:{
  "Cookie":"test=123"
  },
  on: {
    proxyReq: (proxyReq, req, res,options) => {
      
    }
    }
});
function customProxy(req,res,next){
  req.headers["Cookie"]='test='+getKey();
  proxy(req,res,next);
}
app.use('/proxy',customProxy );
//app.use('/proxy',proxy);`
`

What OS/version and node/version are you seeing the problem?

win 10
node v21.7.1

Additional context (optional)

No response

alpgul avatar Apr 21 '24 17:04 alpgul

follow-redirects:

  if (redirectUrl.protocol !== currentUrlParts.protocol &&
     redirectUrl.protocol !== "https:" ||
     redirectUrl.host !== currentHost &&
     !isSubdomain(redirectUrl.host, currentHost)) {
    removeMatchingHeaders(/^(?:(?:proxy-)?authorization|cookie)$/i, this._options.headers);
  }

I found the reason for the problem: follow-redirects package is deleting the cookie header.

alpgul avatar Apr 21 '24 19:04 alpgul 

 const proxy = createProxyMiddleware({
     ssl: {
         beforeRedirect: (options, response, request) => {
             options.headers["Cookie"] = 'mycookie=test';
         }
     }
     target: 'https://www.example.com/',
     changeOrigin: true,
     agent,
     autoRewrite: true,
     followRedirects: true,
     selfHandleResponse: true,
     headers: {
         "Cookie": "test=123"
     },
     on: {
         proxyReq: (proxyReq, req, res, options) => {

         }
     }
 });

I can send the cookie value to the redirect using the temporary solution above.

alpgul avatar Apr 22 '24 05:04 alpgul