Forwarding the set-cookie header set for CSRF

pmeunier

Apr 27, 2026, 1:10 PM

HRAWXWFEN632GIC22J2D3WLN4ZTYOOOCHXTK4CGNAREZSIZQ4XJAC

Dependencies

• [2] LE34RHBB Fixing a CORS bug

Change contents

• edit in ui/src/hooks.server.ts at line 20
  [2.1225]

  [2.1225]
  + };

  +

  + export const handle = async ({ event, resolve }) => {

  + const response = await resolve(event);

  +

  + const responses = event.locals.fetchResponses ?? [];

  +

  + for (const res of responses) {

  + const setCookie = res.headers.get('set-cookie');

  +

  + if (setCookie) {

  + response.headers.append('set-cookie', setCookie);

  + }

  + }

  +

  + return response;