indigophox commented on PR #40071: URL: https://github.com/apache/arrow/pull/40071#issuecomment-1971975310
> I've been working on the Go implementation of sessions (#40284) and also ran into this issue in a few ways. My general takeaway is that I think it likely makes sense to send metadata which may be dependent on RPC behavior (such as session cookies) in the response trailer rather than the header. In fact, given the [documentation](https://grpc.io/docs/guides/metadata/#headers) on gRPC metadata it's not clear that ignoring changes to headers after RPC handlers have started is in fact broken behavior. There is a separate but related issue, however, which is that not all clients currently check the trailer for metadata. Go and C++ do, but it appears Java only does when an error is caught. Unfortunately cookies absolutely have to be set as part of headers not trailers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Trailer#directives I'm definitely not saying that this is broken (not-as-documented) behaviour on gRPC's part, but it's inconsistent with Arrow Flight documentation and with other e.g. Java implementations thereof, and also extremely inconvenient (breaking) as the existing behaviour means that RPC handlers—which otherwise have access to the middleware context—can have no influence on Set-Cookie response headers. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
