FollowRedirects, set-cookie, final response cookie contents & cookies given on each re-direct request

[Zerkath]

Being redirected will not apply cookies to the subsequent requests, even if the sensitive headers is fully unset.

After the request chain completes the last response receive only has set cookies from that response, not from all the requests leading up to it.

I have PR #2672 submission that has a test case that covers these issues.

Resolution is unclear as there are a few options.

Keeping things as is, maybe improving documentation in regards to edge cases & potential solutions.

Some new configuration option to the FollowRedirectsBackend
which applies cookies on re-direct chain requests, maybe selecting from some collection cookies that are for the same domain as the location?

updating response cookies to also include cookies set during the request chain or a new method that merges request history & cookies.

Related to:
#1434

[Zerkath]

PR was unintentionally submitted in non-draft, I cannot alter it unless I re-submit.

Test suite should be failing, but some of the builds are failing not due to the assertions, but incompatibility due to missing methods. I will look into those issues in the near future.

Otherwise if there's comments on the issue or the PR I would appreciate input.

[adamw]

If I understand correctly, you'd like Set-Cookie responses to be translated to Cookie request headers - of course, if there's a domain match?

From my research it seems that http clients generally implement this kind of functionality. Here how I'd go around doing this:

1. create a CookieStorage class, a think wrapper over an immutable map
2. allow attaching a CookieStorage to a request, using an attribute
3. if there is a CookieStorage attached when sending a request, add the cookies to the request that match the URI's domain
4. in the FollowRedirectsBackend, amend then CookieStorage attached to the request with the cookies from the response

I think this would solve the issue?