JS Puppeteer cookie - ';' not allowed?

Question

I'm trying to connect with an external API and have to add a cookie to my POST call, but it seems the length is too long for puppeteer (13.5.0)?

EDIT

After some experimenting, it seems that the issue is not the length, but the use of the char ";". Is there a way to fix that?

As mentioned in the comments I've tried encodeURIComponent(), although the call is getting processed (instead of giving an error) the server is not letting it pass and throws an error back, when I use it in postman, the not encoded cookie works, the encoded cookie doesn't work.

According to this most modern backends have decoding, the one we're using apparently doesn't (it's a pretty old one). Semicolons however should not be illegal to use.

ref. RFC 2965 page 12, paragraph 3

Note: For backward compatibility, the separator in the Cookie header is semi-colon (;) everywhere.

END EDIT

When I do it in my javascript

await page.setCookie({name: 'Cookie', value: cookie, domain: 'https://www.example.com'});

When I set the cookie value to a shorter string, without a semicolon, the call seems to work. But with the necessary cookie I get an error message.

The error:

error: new Errors_js_1.ProtocolError(),
       ^

ProtocolError: Protocol error (Network.setCookies): Invalid cookie fields
    at C:\Users\james\OneDrive\Bureaublad\connector\node_modules\puppeteer\lib\cjs\puppeteer\common\Connection.js:230:24
    at new Promise (<anonymous>)
    at CDPSession.send (C:\Users\james\OneDrive\Bureaublad\connector\node_modules\puppeteer\lib\cjs\puppeteer\common\Connection.js:226:16)
    at Page.setCookie (C:\Users\james\OneDrive\Bureaublad\connector\node_modules\puppeteer\lib\cjs\puppeteer\common\Page.js:772:32)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async loginRequest (C:\Users\james\OneDrive\Bureaublad\connector\connector.js:46:5) {
  originalMessage: 'Invalid cookie fields'
}

the cookie I need to use (433 chars long):

Shortloin=alcatrasalami80er~SOCbiltongvenisonk/zPA==;chicken=leberkasdrumstickboudinbuffalofrankfurtershortribshamburger;Cowfatback=capicola;brisket=frankfurtersausageshanklelandjaegerdrumstickbacontonguechuckpigchislicbresaola;Cupimp=icanhabresaolaleberkas;Pancetta=picanhagroundroundbresaola;Tailcapicolaballtipmeatloaftenderloinchislicshankcornedbeefcowburgdoggen;Brisketdrumsticktenderloinshankporchetta;alcatratur=duckenTailswinesalamipicanha

I've tried the same method in postman, where I just added the cookie in the headers page with one key using semicolons and the call worked fine.

Minimal reproducible example:

const puppeteer = require('puppeteer');
const loginPage = 'https://stackoverflow.com/';

async function login() {
    const browser = await puppeteer.launch();
    const page = await browser.newPage();
    await page.setCookie({name: 'Cookie', value: 'cookie=test;test=cookie' , domain: 'stackoverflow.com'}); 
    await page.goto(loginPage);
}

login();

433 characters should definitely be small enough https://stackoverflow.com/a/4604212/989920 — evolutionxbox, Mar 11 '22 at 12:39
I hope you've changed that cookie value before sharing it on a site that gets millions of site visitors a day... True, without the domain, it's not of much use, but still. — Heretic Monkey, Mar 11 '22 at 12:42
Yep I changed it :) , I guess I could mod it some more though — James D, Mar 11 '22 at 12:43
Hmmm doesn't seem to be the length but the use of ; which is giving an issue — James D, Mar 11 '22 at 13:44
@epascarello although the call is getting processed the server is not letting it pass en throws an error back, when I use it in postman, not encoded it works, encoded it doesn't — James D, Mar 11 '22 at 14:39
What error is the server throwing when you submit the encoded version? — Tim, Mar 15 '22 at 17:40
@Tim It's giving me the error xhtml page, as if the cookie used isn't valid. No mention of what specifically was wrong is detailed on that page. It's the type with "Oops something went wrong" message — James D, Mar 15 '22 at 18:05

score 0 · Accepted Answer · answered Mar 16 '22 at 16:41

It looks like you are conflating the value of an individual cookie with the cookie string that gets included in HTTP request headers.

// whoops, passing an etnire cookie string instead of the cookie value
await page.setCookie({name: 'Cookie', value: 'cookie=test;test=cookie' , domain: 'stackoverflow.com'});

You can either pass a cookie string (e.g. cookie=test;test=cookie) within your HTTP request (which I think is what you are doing with postman), or set a cookie in the browser window that will get included in subsequent HTTP requests.

page.setCookie allows you to set a cookie in the browser and, conveniently takes an array of cookies (see https://github.com/puppeteer/puppeteer/blob/main/docs/api.md#pagesetcookiecookies).

So if you want to pass multiple cookies you can do so like this:

const cookies = [
  { name: 'cookie', value: 'test', domain: 'stackoverflow.com' },
  { name: 'test', value: 'cookie', domain: 'stackoverflow.com' },
];

await page.setCookie(...cookies);

JS Puppeteer cookie - ';' not allowed?

1 Answers1