Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

onError handler isn't getting called during INVALID_COOKIE_SIGNATURE #707

Open
binamralamsal opened this issue Jul 7, 2024 · 2 comments · May be fixed by #839
Open

onError handler isn't getting called during INVALID_COOKIE_SIGNATURE #707

binamralamsal opened this issue Jul 7, 2024 · 2 comments · May be fixed by #839
Labels
bug Something isn't working

Comments

@binamralamsal
Copy link

What version of Elysia.JS is running?

1.0.26

What platform is your computer?

Microsoft Windows NT 10.0.22631.0 x64

What steps can reproduce the bug?

 .onError(({ code, set, cookie: { accessToken, refreshToken } }) => {
    if (code === "NOT_FOUND")
      return { error: "Route not found :(", status: STATUS.ERROR };

    if (code === "INVALID_COOKIE_SIGNATURE")
      return { error: "Your cookies has been altered", status: STATUS.ERROR };

    set.status = 500;
    return { error: "Internal Server Error", status: STATUS.ERROR };
  })

What is the expected behavior?

When cookies have been altered, it should respond with the format { error: "...", status: "ERROR" }

What do you see instead?

I am just getting raw text when cookies have been altered. onError is not getting called.

Additional information

No response
@binamralamsal binamralamsal added the bug Something isn't working label Jul 7, 2024
@binamralamsal
Copy link
Author

binamralamsal commented Jul 8, 2024
edited
Loading

I am not sure if it's related but when I have separate UI and backend, CORS error is occuring if cookies are altered.

@nxht
Copy link

nxht commented Sep 20, 2024
edited
Loading

Same issue here for WSL, on elysia 1.1.13.
Also, it seems it works fine on aot: false case

Minimal reproduction example:

import Elysia from 'elysia';

export const app = new Elysia({
  cookie: { secrets: 'secret', sign: ['session'] },
})
  .onError(({ error }) => {
    console.log(error);
    return {};
  })
  .get('', ({ cookie: { session } }) => {
    console.log(session);
  })
  .listen(3000);
console.log('listening on port 3000');

Other errors prints the error and return {} as response
But when try sending request with cookie session=1234, error is not caught at all

nxht added a commit to nxht/elysia that referenced this issue Sep 20, 2024
@nxht
fix: elysiajs#707
c2beb9e
@nxht nxht linked a pull request Sep 20, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix INVALID_COOKIE_SIGNATURE error not calling onError handler nxht/elysia
2 participants
@binamralamsal @nxht