Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Lambda function URL not returning multiple cookies

0

I have a Lambda function URL that needs to return multiple cookies. Unlike API Gateway, it would appear that there may be a bug in the Lambda function URL code. I have the following sample code

def lambda_handler(event, context):

    return {
        'statusCode': 200,
        'headers': {
                'Content-Type': 'text/html',
                'Set-Cookie' : [
                    'cookie1=hello; Secure; HttpOnly;',
                    'cookie2=howdy; Secure; HttpOnly;'
                    ]
            },
        'body': '<html><h1>Hello</h1><p>Lambda rocks!</p></html>'
    }

When executing the URL (eg curl https://xxxxx.lambda-url.ap-southeast-2.on.aws/ -v 2>&1 | grep "set-cookie") I would expect to see something like

set-cookie: cookie1=hello; Secure; HttpOnly;
set-cookie: cookie2=howdy; Secure; HttpOnly;

Instead, the function URL mangles up the output, and returns something like this

set-cookie: [cookie1=hello; Secure; HttpOnly;, cookie2=howdy; Secure; HttpOnly;]

There is precedent for using multiValueHeaders with Lambda through API gateway (see https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#api-gateway-simple-proxy-for-lambda-output-format) yet the same functionality does not appear to exist on Lambda Function URLs.

Have you been able to send multiple cookies from a Lambda function through the function URLs, and how were you able to achieve it in your environment?

  • Riley
    2 years ago

    Did you ever figure out a way to send multiple cookies with Set-Cookie in a Lambda function (without the API Gateway)?

Topics
ServerlessCompute
Tags
AWS Lambda
Language
English
asked 3 years ago1.6K views
3 Answers
1

As per the 2.0 format, you can you the cookies attribute:

{
  "statusCode": 200,
  "body": "<html><div><b>V2</b></div></html>",
  "headers": {
    "Content-Type": "text/html"
  },
  "cookies": [
    "CloudFront-Key-Pair-Id=foo; Path=/",
    "CloudFront-Policy=foo; Path=/",
    "CloudFront-Signature=foo; Path=/"
  ]
}

Link: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html

answered 2 years ago
0

So multivalueValueHeaders doesnt work as per format 2.0:

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html

Which points you to use "cookies" field:

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.v2:~:text=To%20customize%20the%20response%2C%20your%20Lambda%20function%20should%20return%20a%20response%20with%20the%20following%20format.

Which also doesn't work which leaves us with "case iteration":

# python 3
  response = {
        "statusCode": 200,
        "headers": {
            "Set-cookie": "cookie1=1",
            "SEt-cookie": "cookie2=2",
            "SET-cookie": "cookie2=2"
        }
    }

Or library that maybe accomplishes above:

https://github.com/Jawshua/aws-lambda-cookies/tree/master

answered 3 years ago
-1

Use multiValueHeaders instead of headers..

const response = {
        statusCode: 200,
        multiValueHeaders : {"Set-Cookie": [`language=${language}`, `theme=${theme}`]},
        body: JSON.stringify('User profile set successfully')
    };
AWS
answered 3 years ago
  • mbklein
    3 years ago

    This approach isn't working for me. It's the correct approach in API Gateway, but the multiValueHeaders key seems to be ignored on Lambda Function URLs.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content