fix: http handler set cookie only when cookie_enabled=true. (#16992)

databendlabs · Dec 4, 2024 · e1cfad6 · e1cfad6
1 parent 5581b05
commit e1cfad6
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/src/query/service/src/servers/http/middleware/session.rs b/src/query/service/src/servers/http/middleware/session.rs
@@ -397,9 +397,11 @@ impl<E> HTTPSessionEndpoint<E> {
             }
         }
 
-        let ts = unix_ts().as_secs().to_string();
-        req.cookie()
-            .add(Cookie::new_with_str(COOKIE_LAST_ACCESS_TIME, ts));
+        if cookie_enabled {
+            let ts = unix_ts().as_secs().to_string();
+            req.cookie()
+                .add(Cookie::new_with_str(COOKIE_LAST_ACCESS_TIME, ts));
+        }
 
         let session = session_manager.register_session(session)?;
 

diff --git a/tests/suites/1_stateful/09_http_handler/09_0009_cookie.py b/tests/suites/1_stateful/09_http_handler/09_0009_cookie.py
@@ -96,9 +96,17 @@ def test_temp_table():
     assert not session_state["need_keep_alive"]
 
 
+def test_no_cookie_if_not_enabled():
+    client = requests.session()
+    resp = do_query(client, "select 1")
+    assert resp.status_code == 200, resp.text
+    assert len(client.cookies.items()) == 0
+
+
 def main():
     test_simple()
     test_temp_table()
+    test_no_cookie_if_not_enabled()
 
 
 if __name__ == "__main__":