Override cookie encode #10055
Override cookie encode #10055
Conversation
Right now, if a developer adds an encode/decode function when creating a cookie, it's applied after the cookie is Base64 encoded. We should not Base64 encode a cookie if the developer have added a `encode`/`decode` override to the cookie options. Unfortunately this makes the override and sign/secret options mutually exclusive. BREAKING CHANGE: If you override the cookie encode/decode functions, you can't sign the cookie with a secret
adds tests for the encode/decode options.
|
|
Hi @Evanion, Welcome, and thank you for contributing to Remix! Before we consider your pull request, we ask that you sign our Contributor License Agreement (CLA). We require this only once. You may review the CLA and sign it by adding your name to contributors.yml. Once the CLA is signed, the If you have already signed the CLA and received this response in error, or if you have any questions, please contact us at [email protected]. Thanks! - The Remix team |
|
Thank you for signing the Contributor License Agreement. Let's get this merged! 🥳 |
|
I'm unsure what |
Current behaviour
Right now, the Base64 encoding is applied before the value is sent to the cookie serializer. but the
optionsobject still takes parameters for overriding theencode/decodefunctions.Expected behaviour
I would expect that when I add my own
encode/decodefunctions, that the value isn't Base64 encoded anymore.Side effects
One side effect of this change, is that you can't sign cookies using the
secretsproperty any more. But the user can still handle that themselves in theencode/decodefunctions.This will give more flexibility to the cookie utils in remix, and allow developers to keep a good DX, by not having to use different APIs for different cookies minimizing confusion.
Testing Strategy
These new tests covers this code