Currently tornado collapses multiple Set-Cookie headers from the response into a single header with comma-separated cookies. This makes parsing on the client-side very hard as the expires parameter in the Set-Cookie header also has ',' in it.
For example, if the origin server issues the following response headers,
HTTP/1.1 302 Found
Date: Mon, 23 Mar 2015 18:24:11 GMT
Server: Apache
Pragma: no-cache
Set-Cookie: Navajo=3wJATUguEoQWBd0-; Domain=.server.com; Path=/; Secure; Version=1; HttpOnly
Set-Cookie: NID=74=pPAmuMR-fBtT9mbGOeC2maregcA4JoK43YfBDlXrfqgH5PMmd2Wy-QF_i_Ygc3AgzxSkhvLVBiHEri3k8gl2SiuwgHO68aHb-uousPE9jI346KprSS9enikTZx9ImHrWso8GglTYyeINnlwe9Kc4kb50ufiqxH4s1pbyDnD2; expires=Wed, 08-Jun-2016 14:57:52 GMT; path=/; domain=.google.nl; HttpOnly,CONSENT=WP.24dd69; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.nl
Location: https://server.com/something
Cache-Control: no-cache
Expires: Thu, 1 Jan 1970 00:00:00 GMT
Content-Length: 285
Content-Type: text/html; charset=utf-8
Set-Cookie: BITD-Persistence=1638274978.47873.0000; path=/
The self.response.headers.get("Set-Cookie", None) call returns collapsed cookies (separated by ','). In order to avoid this, I need the _raw_ Set-Cookie header so that multiple cookies can be parsed by \r\n control characters.
More details in a similar issue, https://github.com/jnunemaker/httparty/issues/384
The HTTPHeaders object has two getter methods: get(), which returns a single comma-separated list, and get_list(), which returns a list. The latter is necessary for headers like Set-Cookie.
ok, thanks!
Most helpful comment
The
HTTPHeadersobject has two getter methods:get(), which returns a single comma-separated list, andget_list(), which returns a list. The latter is necessary for headers likeSet-Cookie.