net/http.Request.Cookie is a convenience function documented to return a single cookie net/http.Request.Cookies will return all cookies, filtering on that should be pretty easy
On Thursday, September 23, 2021 at 10:02:34 AM UTC+2 christoph...@gmail.com wrote: > I implemented a simple web site with a csrf secure cookie that is reset > for each page showing a form. I assumed that simply setting the cookie with > the same name and a new value would override the cookie in the client > browser. > > This assumption is correct as long as the url of the page is the same. To > my surprise, when the url are different (same domain name), I end up with > two cookies with the same name. I saw this behavior with chromium and > firefox which can't be a coincidence. Note that I didn't specified the path > when setting the cookie. I assumed that that the path would be "/" by > default. > > The result is that the client browser is sending two cookies with the same > name. Unfortunately, the standard lib returns only the first cookie. The > Query method returns an array of values in case of multiple occurrence of > the parameter name. It seam that the Cookie method should also return an > array of value since we can also get multiple cookies with a same name. > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/07b6897f-19c2-488c-9e1d-636b4eec05a8n%40googlegroups.com.
