Only last cookie is sent to client in response

When setting multiple headers with the same name ```Set-Cookie```, only the last one is actually in the django response object.
For instance, this response:
```
HTTP/2.0 200 OK
Content-Type: text/html
Set-Cookie: yummy_cookie=choco
Set-Cookie: tasty_cookie=strawberry
[page content]
```

It will only set this ```Set-Cookie: tasty_cookie=strawberry``` to response.

A call to ```django_response.set_cookie()``` method if the header is "Set-Cookie" might fix it.

https://github.com/edx/XBlock/blob/316cc376945f0c748d4ec7b780ee55bd6aef4425/xblock/django/request.py#L12

https://tools.ietf.org/html/rfc7230
> Note: In practice, the "Set-Cookie" header field ([RFC6265]) often
>       appears multiple times in a response message and does not use the
>       list syntax, violating the above requirements on multiple header
>       fields with the same name.  Since it cannot be combined into a
>       single field-value, recipients ought to handle "Set-Cookie" as a
>       special case while processing header fields.  (See Appendix A.2.3
>       of [Kri2001] for details.)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Only last cookie is sent to client in response #523

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Only last cookie is sent to client in response #523

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions