Inconsistency between lambdas & http-direct: multiple headers

I have a Datomic Ions app where I need to include multiple cookies in a response. Here’s an example of my response map.

{
   :status 200
   :headers {
             "content-type" "application/json"
             "Set-cookie" "b=cookie"
             "set-cookie" "a=cookie" }
   :body "{\"data\": \"stuff\"}"
   }

When deployed via :lambdas, I get this response.

< HTTP/2 200
< date: Mon, 29 Jun 2020 20:11:38 GMT
< content-type: application/json
< content-length: 314
< x-amzn-requestid: ---
< set-cookie: a=cookie
< set-cookie: b=cookie
< x-amz-apigw-id: ---
< x-amzn-trace-id: Root=---;Sampled=0

When deployed via :http-direct, I get this response.

< HTTP/2 200
< content-type: application/json
< content-length: 264
< date: Sun, 28 Jun 2020 07:30:54 GMT
< x-amzn-requestid: ---
< x-amzn-remapped-content-length: 264
< set-cookie: b=cookie
< x-amz-apigw-id: ---
< x-amzn-remapped-server: Jetty(9.4.24.v20191120)
< x-amzn-remapped-date: Sun, 28 Jun 2020 07:30:53 GMT
< x-cache: Miss from cloudfront

Note that only one of the set-cookie headers was included.

[Edit] formatting.

2 Likes

We’ve also been unable to set multiple cookies using a default configuration of ring.middleware.cookies with HTTP Direct. Luckily we haven’t actually needed to, but it did come as a surprise.

IIRC, an exception was generated somewhere in Jetty after the HTTP Direct handler returned a response with {:cookies [,,,]}, expecting {:cookies ",,,"}. Our workaround would likely make many on this forum blush and I’d love to get rid of it!

I’d be happy to gather additional details and provide more concrete information to anyone looking further into this.

1 Like

The specs around HTTP Direct seem to be much more restrictive than apigw/ionize.