Merge pull request #548 from ismailcherri/cookie-not-written-with-redirect

[Bug] Flash messages are overwritten with redirects

Author: dbu

src/EventListener/FlashMessageListener.php

@@ -87,15 +87,21 @@ public function onKernelResponse(FlashMessageResponseEvent $event)
             return;
         }
 
+        $response = $event->getResponse();
+
+        // If the response is a redirect, we should wait until the final response
+        // is reached
+        if ($response->isRedirect()) {
+            return;
+        }
+
         $flashBag = $this->session->getFlashBag();
         $flashes = $flashBag->all();
 
         if (empty($flashes)) {
             return;
         }
 
-        $response = $event->getResponse();
-
         $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
         $host = (null === $this->options['host']) ? '' : $this->options['host'];
         if (isset($cookies[$host][$this->options['path']][$this->options['name']])) {

tests/Functional/EventListener/FlashMessageListenerTest.php

@@ -49,4 +49,36 @@ public function testFlashMessageCookieIsSet()
             $this->fail('Cookie flash_cookie_name not found in the cookie response header: '.implode(',', $cookies));
         }
     }
+
+    public function testFlashMessageCookieIsSetOnRedirect()
+    {
+        $client = static::createClient();
+        $client->followRedirects(true);
+        $client->setMaxRedirects(2);
+        $session = static::$kernel->getContainer()->get('session');
+
+        $client->request('GET', '/flash-redirect');
+        $this->assertFalse($session->isStarted());
+        $response = $client->getResponse();
+        $cookies = $response->headers->getCookies();
+        $this->assertGreaterThanOrEqual(1, $cookies, implode(',', $cookies));
+
+        $found = false;
+        foreach ($cookies as $cookie) {
+            /** @var Cookie $cookie */
+            if ('flash_cookie_name' !== $cookie->getName()) {
+                continue;
+            }
+
+            $this->assertEquals('/', $cookie->getPath());
+            $this->assertNull($cookie->getDomain());
+            $this->assertTrue($cookie->isSecure());
+            $this->assertJsonStringEqualsJsonString(json_encode(['notice' => ['Flash Message!', 'Flash Message!']]), $cookie->getValue());
+            $found = true;
+        }
+
+        if (!$found) {
+            $this->fail('Cookie flash_cookie_name not found in the cookie response header: '.implode(',', $cookies));
+        }
+    }
 }

tests/Functional/Fixtures/Controller/FlashMessageController.php

@@ -13,6 +13,7 @@
 
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Response;
 
 if (!\class_exists(AbstractController::class)) {
@@ -30,4 +31,14 @@ public function flashAction()
 
         return new Response('flash');
     }
+
+    public function flashRedirectAction()
+    {
+        $this->addFlash(
+            'notice',
+            'Flash Message!'
+        );
+
+        return new RedirectResponse('/flash');
+    }
 }

tests/Functional/Fixtures/app/config/routing.yml

@@ -56,5 +56,9 @@ test_flash:
   path: /flash
   defaults: { _controller: FOS\HttpCacheBundle\Tests\Functional\Fixtures\Controller\FlashMessageController::flashAction }
 
+test_flash_redirect:
+  path: /flash-redirect
+  defaults: { _controller: FOS\HttpCacheBundle\Tests\Functional\Fixtures\Controller\FlashMessageController::flashRedirectAction }
+
 user_context_hash:
     path: /secured_area/_fos_user_context_hash

tests/Functional/Fixtures/app/config/routing_41.yml

@@ -56,5 +56,9 @@ test_flash:
   path: /flash
   controller: FOS\HttpCacheBundle\Tests\Functional\Fixtures\Controller\FlashMessageController::flashAction
 
+test_flash_redirect:
+  path: /flash-redirect
+  defaults: { _controller: FOS\HttpCacheBundle\Tests\Functional\Fixtures\Controller\FlashMessageController::flashRedirectAction }
+
 user_context_hash:
     path: /secured_area/_fos_user_context_hash