starred/vinext
1
0
Fork 0
mirror of https://github.com/cloudflare/vinext.git synced 2026-05-09 08:25:34 +02:00
Code Issues 101 Projects Packages Wiki Activity

[PR #365] [MERGED] fix: preserve middleware redirect headers in production #511

New issue
Closed
opened 2026-05-06 13:08:28 +02:00 by BreizhHardware · 0 comments
BreizhHardware commented 2026-05-06 13:08:28 +02:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/cloudflare/vinext/pull/365
Author: @NathanDrake2406
Created: 3/9/2026
Status: Merged
Merged: 3/9/2026
Merged by: @james-elicx

Base: mainHead: fix/middleware-redirect-headers

📝 Commits (3)

  • e1415ff fix: preserve middleware redirect headers (Set-Cookie) in production
  • 23c8c5a test: update entry template snapshot for redirect header fix
  • b68f76c Merge remote-tracking branch 'origin/main' into fix/middleware-redirect-headers

📊 Changes

7 files changed (+87 additions, -5 deletions)

View changed files

📝 packages/vinext/src/deploy.ts (+7 -1)
📝 packages/vinext/src/index.ts (+7 -1)
📝 packages/vinext/src/server/prod-server.ts (+15 -2)
📝 tests/__snapshots__/entry-templates.test.ts.snap (+7 -1)
📝 tests/deploy.test.ts (+11 -0)
📝 tests/fixtures/pages-basic/middleware.ts (+8 -0)
📝 tests/pages-router.test.ts (+32 -0)

📄 Description

Summary

  • Middleware Set-Cookie headers (and other non-internal headers) on redirect responses were silently dropped in production while working correctly in dev
  • Fixed in three locations: prod-server.ts (Pages Router prod), deploy.ts (Workers entry), index.ts (inline runMiddleware codegen)
  • The dev server at index.ts:2934 already handled this correctly — this was a dev/prod parity bug

Root cause

middleware.ts correctly collects non-internal headers on redirect responses into responseHeaders, but the three production consumers ignored it:

File Issue
prod-server.ts:814 res.writeHead() only sent Location
deploy.ts:600 new Response() only had { Location }
index.ts:786 Inline codegen didn't collect headers for redirects (but did for next() and rewrite())

Test plan

  • tests/deploy.test.ts — verifies generated worker entry references responseHeaders in redirect branch
  • tests/pages-router.test.ts — built entry runMiddleware returns responseHeaders with cookies on redirect
  • tests/pages-router.test.ts — prod server integration: Set-Cookie headers survive middleware redirect response
  • All existing middleware tests pass (28 production build + server middleware tests, 10 deploy middleware tests)

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/cloudflare/vinext/pull/365 **Author:** [@NathanDrake2406](https://github.com/NathanDrake2406) **Created:** 3/9/2026 **Status:** ✅ Merged **Merged:** 3/9/2026 **Merged by:** [@james-elicx](https://github.com/james-elicx) **Base:** `main` ← **Head:** `fix/middleware-redirect-headers` --- ### 📝 Commits (3) - [`e1415ff`](https://github.com/cloudflare/vinext/commit/e1415ffeb433de2341197333d20ea943d2afcb92) fix: preserve middleware redirect headers (Set-Cookie) in production - [`23c8c5a`](https://github.com/cloudflare/vinext/commit/23c8c5a126e5fb499497c721dd9376da997aca1c) test: update entry template snapshot for redirect header fix - [`b68f76c`](https://github.com/cloudflare/vinext/commit/b68f76c28d37fe96f8b627dd088c8c4d8f1e09c7) Merge remote-tracking branch 'origin/main' into fix/middleware-redirect-headers ### 📊 Changes **7 files changed** (+87 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `packages/vinext/src/deploy.ts` (+7 -1) 📝 `packages/vinext/src/index.ts` (+7 -1) 📝 `packages/vinext/src/server/prod-server.ts` (+15 -2) 📝 `tests/__snapshots__/entry-templates.test.ts.snap` (+7 -1) 📝 `tests/deploy.test.ts` (+11 -0) 📝 `tests/fixtures/pages-basic/middleware.ts` (+8 -0) 📝 `tests/pages-router.test.ts` (+32 -0) </details> ### 📄 Description ## Summary - Middleware `Set-Cookie` headers (and other non-internal headers) on redirect responses were silently dropped in production while working correctly in dev - Fixed in three locations: `prod-server.ts` (Pages Router prod), `deploy.ts` (Workers entry), `index.ts` (inline `runMiddleware` codegen) - The dev server at `index.ts:2934` already handled this correctly — this was a dev/prod parity bug ### Root cause `middleware.ts` correctly collects non-internal headers on redirect responses into `responseHeaders`, but the three production consumers ignored it: | File | Issue | |------|-------| | `prod-server.ts:814` | `res.writeHead()` only sent `Location` | | `deploy.ts:600` | `new Response()` only had `{ Location }` | | `index.ts:786` | Inline codegen didn't collect headers for redirects (but did for `next()` and `rewrite()`) | ## Test plan - [x] `tests/deploy.test.ts` — verifies generated worker entry references `responseHeaders` in redirect branch - [x] `tests/pages-router.test.ts` — built entry `runMiddleware` returns `responseHeaders` with cookies on redirect - [x] `tests/pages-router.test.ts` — prod server integration: `Set-Cookie` headers survive middleware redirect response - [x] All existing middleware tests pass (28 production build + server middleware tests, 10 deploy middleware tests) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
BreizhHardware 2026-05-06 13:08:28 +02:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
alt/prerender-rsc-sidechannel
codex/pages-router-suite-main
claude/dev-socket-emit-patch
james/wip-agent-test
codex/fix-wrangler-suspense-streaming
hrushikesh/add-semgrep-oss-workflow
fix/preload-link-header-uses-served-url
fix/isr-always-mark-dynamic-with-searchparams
fix/strip-set-cookie-from-app-route-isr-cache-clean
fix/app-pages-fallback-sees-middleware-overrides-v2
opencode/misty-river
opencode/calm-meadow
codex/pages-router-cjs-node-modules
codex/refresh-ai-docs-vp-vite8
fix/suspense-flash-navigation-639
fix/issue-589
fix/route-handler-dynamic-detection-v3
fix/route-handler-dynamic-detection-v2
fix/route-handler-dynamic-detection
opencode/quiet-nebula
fix/include-query-in-route-handler-isr-key
fix/block-dangerous-uri-schemes
fix/use-post-middleware-context-for-headers
opencode/playful-mountain
opencode/quiet-sailor
feat/payload-cms-fixture
feat/static-prerender-build
opencode/cosmic-knight
fix/isr-stream-tee-no-double-render
codex/wrangler-auth-ux
docs/update-contributing
improve/vitest-workspace-split
feat/auto-pr-review
docs/skills-field-learnings
feat/nuqs-e2e-clean
feat/next-font-implementation
fix/rsc-navigation-credentials
chonky-list
fix/cli-version
ci/commit-version-bump
ci/publish-chat-notification
opencode/mighty-mountain
fix/rsc-optimizedeps-react-server
v0.0.49
v0.0.48
v0.0.47
v0.0.46
v0.0.45
v0.0.44
v0.0.43
v0.0.42
v0.0.41
v0.0.40
v0.0.39
v0.0.38
v0.0.37
v0.0.36
v0.0.35
v0.0.34
v0.0.33
v0.0.32
v0.0.31
v0.0.30
v0.0.29
v0.0.28
v0.0.27
v0.0.26
v0.0.25
v0.0.24
v0.0.23
v0.0.22
v0.0.21
v0.0.20
v0.0.19
v0.0.18
v0.0.17
v0.0.16
v0.0.15
v0.0.14
v0.0.13
v0.0.12
v0.0.11
v0.0.10
v0.0.9
v0.0.8
v0.0.7
v0.0.6
Labels
Clear labels   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
nextjs-tracking

   
nextjs-tracking

   
pull-request
Mirrored from GitHub Pull Request

No labels
enhancement
enhancement
good first issue
help wanted
nextjs-tracking
nextjs-tracking
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/vinext#511
No description provided.