[cookies] fixes #309

The reason for this bug, is because we just changed the semantics of setHeader to overwrite any existing identical header and the cookie behaviour was depending on the addative behaviour
SuaveIO · Oct 13, 2015 · b650ab3 · b650ab3
1 parent abec24b
commit b650ab3
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/examples/Example/Program.fs b/examples/Example/Program.fs
@@ -98,8 +98,13 @@ let app =
     path "/session"
       >>= statefulForSession // Session.State.CookieStateStore
       >>= context (fun x ->
-        match x |> HttpContext.state with
-        | None -> Redirection.FOUND "/session" // restarted server without keeping the key; set key manually?
+        match HttpContext.state x with
+        | None ->
+          // restarted server without keeping the key; set key manually?
+          let msg = "Server Key, Cookie Serialiser reset, or Cookie Data Corrupt, "
+                    + "if you refresh the browser page, you'll have gotten a new cookie."
+          OK msg
+
         | Some store ->
           match store.get "counter" with
           | Some y ->

diff --git a/src/Suave/Cookie.fs b/src/Suave/Cookie.fs
@@ -114,7 +114,7 @@ module Cookie =
   let unsetCookie (cookieName : string) =
     let startEpoch = DateTimeOffset(1970, 1, 1, 0, 0, 1, TimeSpan.Zero) |> Some
     let stringValue = HttpCookie.toHeader { HttpCookie.mkKV cookieName "x" with expires = startEpoch }
-    Writers.setHeader "Set-Cookie" stringValue
+    Writers.addHeader "Set-Cookie" stringValue
 
   let setPair (httpCookie : HttpCookie) (clientCookie : HttpCookie) : WebPart =
     context (fun { runtime = { logger = logger } } ->