Cookies in http response

paul.garnham · August 8, 2016, 4:17am

Just cannot get to add a cookie to my response.

go version go1.6.2 windows/amd64

package main

import (
    "fmt"
    "net/http"
	"log"
    _ "odbc"
	"jwt"
	"time"
	"io/ioutil"
)

var hmacSampleSecret []byte

type UserInfo struct {
	Id   string
	Name string
	Profile []byte
}

type CustomClaims struct {
	*jwt.StandardClaims
}

// Block keys should be 16 bytes (AES-128) or 32 bytes (AES-256) long.
// Shorter keys may weaken the encryption used.
var blockKey = []byte("")

func main() {

	keyData, e := ioutil.ReadFile("workspace/bin/hmacTestKey")
	if e == nil {
		hmacSampleSecret = keyData
	} else {
		log.Printf("keyData error  = %s\n", e)
	}
	
    http.HandleFunc("/test", testHandler)
    http.ListenAndServe(":8089", nil)
}

func testHandler(w http.ResponseWriter, r *http.Request) {
	expiration := time.Now().Add(365 * 24 * time.Hour)
	cookie := http.Cookie{Name: "MyCookie", Value: "monster", Expires: expiration, MaxAge: 0, Secure: false, HttpOnly: false}
	http.SetCookie(w, &cookie)
	w.Header().Set("Content-Type", "application/jwt")
	w.Header().Set("Set-Cookie", "MyCookie")
	w.WriteHeader(http.StatusOK)
	
	fmt.Fprintln(w, "Cookie Added")
	
}

Thanks in advance for any help.

dfc · August 8, 2016, 5:14am

What did you expect to see when you ran your program ?

What did you see instead ?

paul.garnham · August 8, 2016, 5:21am

I expected to have a cookie as part of the http response, none was attached.

I use postman to test.

dfc · August 8, 2016, 5:32am

What happens when you run

curl -v http://localhost:8089/test

calmh · August 8, 2016, 6:06am

This looks reasonable:

cookie := http.Cookie{Name: "MyCookie", Value: "monster", Expires: expiration, MaxAge: 0, Secure: false, HttpOnly: false}
http.SetCookie(w, &cookie)

But then you overwrite the header with something incorrect:

w.Header().Set("Set-Cookie", "MyCookie")

I’m not sure what you expect the last line there to do, but it probably doesn’t.

paul.garnham · August 8, 2016, 7:10am

Thx - removed the additional Set

curl gives
C:\Users\paul.garnham>C:\Development\curl-7.46.0\I386\curl -v http://localhost:8089/test

Trying ::1…
Connected to localhost (::1) port 8089 (#0)

GET /test HTTP/1.1
Host: localhost:8089
User-Agent: curl/7.46.0
Accept: /

< HTTP/1.1 200 OK
< Content-Type: application/jwt
< Set-Cookie: MyCookie=monster; Expires=Tue, 08 Aug 2017 06:59:41 GMT
< Date: Mon, 08 Aug 2016 06:59:41 GMT
< Content-Length: 13
<
Cookie Added

Connection #0 to host localhost left intact

But postman shows no cookie on the response - seem I have been pulling whats left of my hair out for the wrong reason.

paul.garnham · August 9, 2016, 1:30am

Postman Interceptor

the solution to my Postman issue, I had to install this as I use Chrome as my default browser.

Here is what you have to do to get this working:

Install Postman from the Chrome Web Store (if you don't have it already!)
Install the Interceptor extension
Open Postman
Click on the Interceptor icon in the toolbar and switch the toggle to "on"

Thanks for all the assistance.

mathew · August 12, 2016, 11:12pm

Are you by any chance trying to use JWT tokens for authentication?

system · November 10, 2016, 11:12pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.