Channels
bot-training
community
contributing
general
github-activity
info
introductions
new-releases
random
security
support-questions
welcome-0xdelusion
welcome-aj-ya
welcome-aleksandrc
welcome-alpinjs
welcome-amberlamps1
welcome-andrew-rodriguez
welcome-ankit-choudhary
welcome-anthony-stod-custodio
welcome-call-in
welcome-chwalbox
welcome-claybiokiller
welcome-co7e
welcome-cosmoecwsa
welcome-devdag
welcome-dinso
welcome-drebotelho
welcome-elio
welcome-ernest
welcome-foxbarrington
welcome-fromscratch
welcome-galto4ir
welcome-goetzum
welcome-hay-kot
welcome-himanshu-kukreja
welcome-hossambarakat
welcome-ichikawakazuto
welcome-jahir9991
welcome-jamesl
welcome-jerry123424
welcome-john-oliver
welcome-jonas-alexanderson
welcome-jxyz
welcome-kelvinwop
welcome-kraz
welcome-lancekey
welcome-leoo
welcome-lukeacollins
welcome-m-j-mon
welcome-malik-khoja
welcome-marco
welcome-mardadi
welcome-meshguy
welcome-metamorph
welcome-mike-tectu
welcome-mirzok
welcome-mozomig
welcome-naberyou66_
welcome-nacer
welcome-namratha
welcome-naveenkumar
welcome-nightlight
welcome-nischith
welcome-notankit
welcome-olawumi
welcome-pavan-kumar-reddy-n
welcome-pineappaul
welcome-poothebear
welcome-rick
welcome-samuel-qosenergy
welcome-samuelstroschein
welcome-shubhamgoel23
welcome-shubhamkaushal
welcome-sidebar
welcome-surajsli
welcome-suyash_
welcome-syntaxerror
welcome-tauno
welcome-tawnoz
welcome-teclali
welcome-tls
welcome-turbosepp
welcome-vikram_shadow
Title
d
DanielAtStruggly
02/15/2023, 3:04 PMHi SuperTokens Team, it looks like that the upgrade from v12.1.6 to v13.02 (v0.4.1 to v0.5) cannot be done without migration actions. I changed both versions and get into trouble cause some headers will be set differently as expected (does the default transfer method change?). Is there a documentation somewhere which tackles the migration to v13, as the release notes doesn't say anything about it?
r
rp
02/15/2023, 3:06 PMhey @DanielAtStruggly
The default transfer method doesn't change, and the migration should work fine if you have updated both the frontend and backend. But we have had other people complain about it too.
Can you tell me the observed behaviour please?
d
DanielAtStruggly
02/15/2023, 3:10 PMSure give me some minutes.
r
rp
02/15/2023, 3:10 PMSure.
d
DanielAtStruggly
02/15/2023, 3:25 PMI updated both versions, frontend and backend.
I noticed the following:
For our E2E test (Testcafe) we are calling the auth/signin endpoint to retrieve the auth cookies.
We did that by getting the response header value by the key 'set-cookie'. This header key doesn't exist anymore (it's not the best option, I know, but it worked with V12.1.6).
r
rp
02/15/2023, 3:26 PMHmmm. That’s strange. Can you print out the response headers?
I mean the sign in api response headers *
d
DanielAtStruggly
02/15/2023, 3:30 PMheaders {
'cross-origin-opener-policy': 'same-origin',
'cross-origin-resource-policy': 'same-origin',
'x-dns-prefetch-control': 'off',
'x-frame-options': 'SAMEORIGIN',
'strict-transport-security': 'max-age=15552000; includeSubDomains',
'x-download-options': 'noopen',
'x-content-type-options': 'nosniff',
'origin-agent-cluster': '?1',
'x-permitted-cross-domain-policies': 'none',
'referrer-policy': 'no-referrer',
'x-xss-protection': '0',
vary: 'Origin',
'access-control-allow-credentials': 'true',
'front-token': 'eyJ1.....xxxxxxx',
'access-control-expose-headers': 'front-token, st-access-token, st-refresh-token',
'st-access-token': 'def.....xxxx',
'st-refresh-token': 'sp8zA... xxxx7f.V2',
'content-type': 'application/json; charset=utf-8',
'content-length': '127',
etag: 'W/"7f-rjhH0uYEmddslJz9sRtpf8/dyTo"',
date: 'Wed, 15 Feb 2023 15:27:55 GMT',
connection: 'close'
}r
rp
02/15/2023, 3:32 PMAh right. Yea.
You need to set the st-auth-mode header in the request to cookies
Cookie*
Our web frontend SDK does this on its own
But I think you are not using that for e2e tests
d
DanielAtStruggly
02/15/2023, 3:35 PMAh, exactly. Calling the auth/signin endpoint via the website itself returns the "set-cookie" header keys.
So setting the
st-auth-mode headerr
rp
02/15/2023, 3:35 PMYes. You want to set the value of it to “cookie”
d
DanielAtStruggly
02/15/2023, 3:35 PM🙌