You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@openwhisk.apache.org by gi...@git.apache.org on 2017/06/21 14:11:39 UTC
[GitHub] akrabat opened a new issue #2408: Web actions should not have a set-cookie header
akrabat opened a new issue #2408: Web actions should not have a set-cookie header
URL: https://github.com/apache/incubator-openwhisk/issues/2408
When calling a web action via HTTP, I should not see a `Set-Cookie` header:
i.e. when this action:
```swift
func main(args: [String:Any]) -> [String:Any] {
return [
"headers": [
"X-Clacks-Overhead": "GNU Terry Pratchett"
],
"body": "<h1>Hello world!</h1>",
]
}
```
is uploaded to OpenWhisk with: `wsk action update htmltest html.swift --web true`, I get the output:
```text
$ curl -i https://openwhisk.ng.bluemix.net/api/v1/web/19FT_dev/default/htmltest
HTTP/1.1 200 OK
X-Backside-Transport: OK OK
Connection: Keep-Alive
Transfer-Encoding: chunked
Server: nginx/1.11.13
Date: Wed, 21 Jun 2017 14:08:00 GMT
Content-Type: text/html
X-Clacks-Overhead: GNU Terry Pratchett
X-Client-IP: 81.132.67.186
X-Global-Transaction-ID: 1385362991
Set-Cookie: DPJSESSIONID=PBC5YS:1663067204; Path=/; Domain=.whisk.ng.bluemix.net
<h1>Hello world!</h1>
```
The `Set-Cookie:` header shouldn't be. Arguably, the `Server` shouldn't be either as it leaks information.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services