Adding ability to set cookie path

2025-12-08 20:59:18 +00:00 · 2018-02-20 17:50:59 -08:00 · 2018-02-20 17:50:59 -08:00 · 2c98416ac2
commit 2c98416ac2
parent 543636d0f6
3 changed files with 36 additions and 14 deletions
--- a/lib/http-proxy/common.js
+++ b/lib/http-proxy/common.js
@ -5,7 +5,7 @@ var common   = exports,

 var upgradeHeader = /(^|,)\s*upgrade\s*($|,)/i,
    isSSL = /^https|wss/,
-    cookieDomainRegex = /(;\s*domain=)([^;]+)/i;
+    cookieProps = ['domain', 'path'];

 /**
 * Simple Regex for testing if protocol is https
@ -211,27 +211,30 @@ common.urlJoin = function() {
 *
 * @api private
 */
-common.rewriteCookieDomain = function rewriteCookieDomain(header, config) {
+common.rewriteCookieProperty = function rewriteCookieProperty(header, config, property) {
+  if(cookieProps.indexOf(property) === -1) //Property not supported
+    return header;
+
  if (Array.isArray(header)) {
    return header.map(function (headerElement) {
-      return rewriteCookieDomain(headerElement, config);
+      return rewriteCookieProperty(headerElement, config, property);
    });
  }
-  return header.replace(cookieDomainRegex, function(match, prefix, previousDomain) {
-    var newDomain;
-    if (previousDomain in config) {
-      newDomain = config[previousDomain];
+  return header.replace(new RegExp("(;\\s*" + property + "=)([^;]+)"), function(match, prefix, previousValue) {
+    var newValue;
+    if (previousValue in config) {
+      newValue = config[previousValue];
    } else if ('*' in config) {
-      newDomain = config['*'];
+      newValue = config['*'];
    } else {
-      //no match, return previous domain
+      //no match, return previous value
      return match;
    }
-    if (newDomain) {
-      //replace domain
-      return prefix + newDomain;
+    if (newValue) {
+      //replace value
+      return prefix + newValue;
    } else {
-      //remove domain
+      //remove value
      return '';
    }
  });
--- a/lib/http-proxy/passes/web-outgoing.js
+++ b/lib/http-proxy/passes/web-outgoing.js
@ -84,12 +84,16 @@ module.exports = { // <--
   */
  writeHeaders: function writeHeaders(req, res, proxyRes, options) {
    var rewriteCookieDomainConfig = options.cookieDomainRewrite,
+        rewriteCookiePathConfig = options.cookiePathRewrite,
        preserveHeaderKeyCase = options.preserveHeaderKeyCase,
        rawHeaderKeyMap,
        setHeader = function(key, header) {
          if (header == undefined) return;
          if (rewriteCookieDomainConfig && key.toLowerCase() === 'set-cookie') {
-            header = common.rewriteCookieDomain(header, rewriteCookieDomainConfig);
+            header = common.rewriteCookieProperty(header, rewriteCookieDomainConfig, 'domain');
+          }
+          if (rewriteCookiePathConfig && key.toLowerCase() === 'set-cookie') {
+            header = common.rewriteCookieProperty(header, rewriteCookiePathConfig, 'path');
          }
          res.setHeader(String(key).trim(), header);
        };
@ -98,6 +102,10 @@ module.exports = { // <--
      rewriteCookieDomainConfig = { '*': rewriteCookieDomainConfig };
    }

+    if (typeof rewriteCookiePathConfig === 'string') { //also test for ''
+      rewriteCookiePathConfig = { '*': rewriteCookiePathConfig };
+    }
+
    // message.rawHeaders is added in: v0.11.6
    // https://nodejs.org/api/http.html#http_message_rawheaders
    if (preserveHeaderKeyCase && proxyRes.rawHeaders != undefined) {
--- a/test/lib-http-proxy-passes-web-outgoing-test.js
+++ b/test/lib-http-proxy-passes-web-outgoing-test.js
@ -298,6 +298,17 @@ describe('lib/http-proxy/passes/web-outgoing.js', function () {
        .to.contain('hello; domain=my.domain; path=/');
    });

+    it('rewrites path', function() {
+      var options = {
+        cookiePathRewrite: '/dummyPath'
+      };
+
+      httpProxy.writeHeaders({}, this.res, this.proxyRes, options);
+
+      expect(this.res.headers['set-cookie'])
+        .to.contain('hello; domain=my.domain; path=/dummyPath');
+    });
+
    it('rewrites domain', function() {
      var options = {
        cookieDomainRewrite: 'my.new.domain'