request-promise: Behavior inconsistency with `request` re: `tough-cookie` integration

Normally I’d try to dig more for an explanation, but I’m a bit confounded here. I’m doing some cookie construction / management by hand via tough-cookie to maintain sessions for my API calls, and it looks like request and request-promise are giving me two different behaviors, where request works but request-promise does not.

The problematic code is as follows

const request = require('request');
const requestPromise = require('request-promise');
const tough = require('tough-cookie');

let sessionCookie = new tough.Cookie({
    key: "some_key",
    value: "some_value",
    domain: 'api.mydomain.com',
    httpOnly: true,
    maxAge: 31536000
});
let cookiejar = request.jar();
cookiejar.setCookie(sessionCookie, 'https://api.mydomain.com'); // does not throw an error


let sessionCookie2 = new tough.Cookie({
    key: "some_key",
    value: "some_value",
    domain: 'api.mydomain.com',
    httpOnly: true,
    maxAge: 31536000
});
let cookiejar2 = requestPromise.jar();
cookiejar2.setCookie(sessionCookie2, 'https://api.mydomain.com'); // TypeError: str.trim is not a function

Is it just a version/dependency thing? Am I just abusing the concept of cookie jars beyond repair? From my package.json:

    "request": "^2.81.0",
    "request-promise": "^4.2.0",
    "tough-cookie": "^2.3.2",

I’m leaving the request.jar() patch in for now, but I’d love to know what’s going wrong exactly

Thanks in advance, Scotty

About this issue

Original URL
State: closed
Created 7 years ago
Reactions: 10
Comments: 20 (6 by maintainers)

Most upvoted comments

Same here with this

const cookieJar = rp.jar();
const cookie: request.Cookie | string = request.cookie(cookieDetails.toString()) || '';
cookieJar.setCookie(cookie, `https://${ domain }`);

Yet, replacing the last 2 lines with: cookieJar.setCookie(cookieDetails.toString(), `https://${ domain }`);

seems to solve this. 🤨

+16

guillaumegarcia13 on Jun 15, 2018

cookieJar.setCookie(cookie.toString(), https://${ domain });

toString(). It’s work for me

fXy-during on Aug 24, 2018

I just published request-promise@4.2.1 which includes the fix. Thanks again for bringing this up!

analog-nico on May 8, 2017

Like @kapilchokhawala, I started getting this error again (I’m not sure whether it was triggered by a new version of one of the relevant packages). This time, the error happened even when I used let jar = request.jar(); (which seems to have been the workaround I had found last year, using the non-promise request lib)

The solution over in this request issue thread seemed to have worked, but feels a bit brittle to dig into the internals of request / tough-cookie

            let toughCookieJar = new tough.CookieJar(undefined, {looseMode: true});
            let jar = request.jar();
            jar._jar = toughCookieJar;
            jar.setCookie(cookieObject, endpoints.base);

ScottyMJacobson on Jun 5, 2018

@frejus123 If you use the same code as shown in the README then most likely you have tough-cookie installed multiple times. Please run npm ls tough-cookie to verify that and make sure you have it installed only once.

analog-nico on Jun 28, 2017

The problem is not solved yet.

±- request@2.83.0 | -- tough-cookie@2.3.4 +-- request-promise@4.2.1 | – tough-cookie@2.4.2 deduped `-- tough-cookie@2.4.2

The Version Work for me. “request”: “^2.81.0”, “request-promise”: “^4.2.1”, “tough-cookie”: “2.3.2”,

HELLKING66666 on Aug 9, 2018

I’m also getting the same error msg after upgrading from 2.3.4 to 2.4.2: TypeError: str.trim is not a function

at Function.parse (node_modules/request/node_modules/tough-cookie/lib/cookie.js:428:13)
      at CookieJar.setCookie (node_modules/request/node_modules/tough-cookie/lib/cookie.js:1004:21)
      at CookieJar.setCookieSync (node_modules/request/node_modules/tough-cookie/lib/cookie.js:1395:18)
      at RequestJar.setCookie (node_modules/request/lib/cookies.js:25:20)

Actually, the problem seems to be in the request pkg. Upgrading request from 2.83.0 to 2.87.0 breaks tough-cookie / jar process. I downgraded request back to 2.83.0 and things are working now.

├─┬ request@2.87.0
│ └── tough-cookie@2.3.4
├─┬ request-promise-native@1.0.5
│ └── tough-cookie@2.3.4  deduped
└── tough-cookie@2.3.4
vs:

├─┬ request@2.83.0
│ └── UNMET DEPENDENCY tough-cookie@~2.3.3
├─┬ request-promise-native@1.0.5
│ └── tough-cookie@2.4.2  deduped
└── tough-cookie@2.4.2

milespoindexter on Jun 13, 2018

@frejus123 Excellent. I’ll add a note to the README for people who experience the same issue as you just did. Happy coding!

analog-nico on Jun 28, 2017