Skip to content

Commit 8e4d7b6

Browse files
committed
fix: ensure internal x-middleware-set-cookie header is not set when setting cookies in middleware
1 parent 2810004 commit 8e4d7b6

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

edge-runtime/lib/middleware.ts

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,10 @@ export function mergeMiddlewareCookies(middlewareResponse: Response, lambdaReque
6767
const middlewareCookies = middlewareResponse.headers.get('x-middleware-set-cookie')
6868

6969
if (middlewareCookies) {
70+
// Next expects internal headers to be omitted when cookies are set by the middleware
71+
// See: https://github.com/vercel/next.js/blob/005db43079c7b59fd8c2594e8362761dc4cb3211/test/e2e/app-dir/app-middleware/app-middleware.test.ts#L197-L207
72+
middlewareResponse.headers.delete('x-middleware-set-cookie')
73+
7074
// Targets commas that are not followed by whitespace
7175
// See: https://github.com/vercel/next.js/blob/e6145d3a37bb4c7b481fd58e05cdff9046ace8ad/packages/next/src/server/web/spec-extension/response.ts#L58-L66
7276
const regex = new RegExp(/,(?!\s)/)

0 commit comments

Comments
 (0)