Set-Cookie response header does not contain the complete list of cookies

[holbora]

Q&A (please complete the following information)

• OS: macOS
• Environment: Node.js v18.16.0, npm v9.5.1
• Method of installation: npm
• Swagger-Client version: 3.19.6
• Swagger/OpenAPI version: Swagger 2.0 or OpenAPI 3.0

Content & configuration

Swagger/OpenAPI definition:

openapi: 3.0.0
info:
  version: 1.0.0
servers:
  - url: http://localhost:3000
paths:
  /test:
    get:
      tags:
        - test
      operationId: getCookies
      responses:
        200:
          description: Check for Set-Cookie response header

Describe the bug you're encountering

To reproduce...

Steps to reproduce the behavior:

1. Minimal Express server with 2 routes, one of which sets 2 cookies

File: server.js

const express = require('express');
const app = express();
const { promises: fs } = require("fs");
const { start } = require('repl')
 
app.get('/test', function (req, res) {
  res.cookie('cookie1', 'value1');
  res.cookie('cookie2', 'value2');
 
  res.send();
})
 
app.get('/spec', async function (req, res) {
  const spec = await fs.readFile('./spec.yaml', 'utf8');
  res.setHeader('content-type', 'text/yaml');

  res.send(spec);
})
 
app.listen(3000);

File: spec.yaml

openapi: 3.0.0
info:
  version: 1.0.0
servers:
  - url: http://localhost:3000
paths:
  /test:
    get:
      tags:
        - test
      operationId: getCookies
      responses:
        200:
          description: Check for Set-Cookie response header

File: package.json

{
  "name": "swagger-service",
  "version": "1.0.0",
  "description": "",
  "main": "server.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1",
    "start": "node server.js"
  },
  "author": "",
  "license": "ISC",
  "dependencies": {
    "express": "4.18.2"
  }
}

Install the dependencies: npm install
Start the API: npm start

2. Test application

File: index.js

const swagger = require('swagger-client');
 
(async () => {
  let client;
  try {
    client = await swagger('http://localhost:3000/spec');
  } catch (error) {
    console.error(error);
    return;
  }
 
  let headers;
  try {
    ({ headers } = await client.apis.test.getCookies());
  } catch (error) {
    console.error(error);
    return;
  }
 
  console.log('Set-Cookie header:\n', headers['set-cookie']);
})();

File: package.json

{
  "name": "swagger-test",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
  "dependencies": {
    "swagger-client": "3.19.6"
  },
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1",
    "start": "node index.js"
  },
  "author": "",
  "license": "ISC"
}

Install the dependencies: npm install
Start the test application: npm start

Expected result

Set-Cookie header:
cookie1=value1; Path=/,cookie2=value2; Path=/

Actual result

Set-Cookie header:
cookie2=value2; Path=/

Additional context or thoughts

I have been using swagger-client for a few years now. The problem first appeared in Node.js 18.14.x.
I am almost positive it has to do with the way the headers are serialized in the serializeHeaders function.
For testing purposes, you can configure request.userFetch to use the got npm library; this avoids the bug because got returns the Set-Cookie header as an array.
I can put up a pull request with a potential fix for this.

Thank you!

[zulfikarrosadi]

do we have solution for this now?