Lambda function URL not returning multiple cookies

0

I have a Lambda function URL that needs to return multiple cookies. Unlike API Gateway, it would appear that there may be a bug in the Lambda function URL code. I have the following sample code

def lambda_handler(event, context):

    return {
        'statusCode': 200,
        'headers': {
                'Content-Type': 'text/html',
                'Set-Cookie' : [
                    'cookie1=hello; Secure; HttpOnly;',
                    'cookie2=howdy; Secure; HttpOnly;'
                    ]
            },
        'body': '<html><h1>Hello</h1><p>Lambda rocks!</p></html>'
    }

When executing the URL (eg curl https://xxxxx.lambda-url.ap-southeast-2.on.aws/ -v 2>&1 | grep "set-cookie") I would expect to see something like

set-cookie: cookie1=hello; Secure; HttpOnly;
set-cookie: cookie2=howdy; Secure; HttpOnly;

Instead, the function URL mangles up the output, and returns something like this

set-cookie: [cookie1=hello; Secure; HttpOnly;, cookie2=howdy; Secure; HttpOnly;]

There is precedent for using multiValueHeaders with Lambda through API gateway (see https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#api-gateway-simple-proxy-for-lambda-output-format) yet the same functionality does not appear to exist on Lambda Function URLs.

Have you been able to send multiple cookies from a Lambda function through the function URLs, and how were you able to achieve it in your environment?

profile picture
massyn
asked a year ago410 views
3 Answers
0

Use multiValueHeaders instead of headers..

const response = {
        statusCode: 200,
        multiValueHeaders : {"Set-Cookie": [`language=${language}`, `theme=${theme}`]},
        body: JSON.stringify('User profile set successfully')
    };
profile pictureAWS
answered a year ago
  • This approach isn't working for me. It's the correct approach in API Gateway, but the multiValueHeaders key seems to be ignored on Lambda Function URLs.

0

So multivalueValueHeaders doesnt work as per format 2.0:

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html

Which points you to use "cookies" field:

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.v2:~:text=To%20customize%20the%20response%2C%20your%20Lambda%20function%20should%20return%20a%20response%20with%20the%20following%20format.

Which also doesn't work which leaves us with "case iteration":

# python 3
  response = {
        "statusCode": 200,
        "headers": {
            "Set-cookie": "cookie1=1",
            "SEt-cookie": "cookie2=2",
            "SET-cookie": "cookie2=2"
        }
    }

Or library that maybe accomplishes above:

https://github.com/Jawshua/aws-lambda-cookies/tree/master

answered 8 months ago
0

As per the 2.0 format, you can you the cookies attribute:

{
  "statusCode": 200,
  "body": "<html><div><b>V2</b></div></html>",
  "headers": {
    "Content-Type": "text/html"
  },
  "cookies": [
    "CloudFront-Key-Pair-Id=foo; Path=/",
    "CloudFront-Policy=foo; Path=/",
    "CloudFront-Signature=foo; Path=/"
  ]
}

Link: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html

answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions