Unable to handle duplicate cookies

[christoph...@gmail.com]

I implemented a simple web site with a csrf secure cookie that is reset for each page showing a form. I assumed that simply setting the cookie with the same name and a new value would override the cookie in the client browser.

This assumption is correct as long as the url of the page is the same. To my surprise, when the url are different (same domain name), I end up with two cookies with the same name. I saw this behavior with chromium and firefox which can't be a coincidence. Note that I didn't specified the path when setting the cookie. I assumed that that the path would be "/" by default.

The result is that the client browser is sending two cookies with the same name. Unfortunately, the standard lib returns only the first cookie. The Query method returns an array of values in case of multiple occurrence of the parameter name. It seam that the Cookie method should also return an array of value since we can also get multiple cookies with a same name.

[Sean Liao]

net/http.Request.Cookie is a convenience function documented to return a single cookie

net/http.Request.Cookies will return all cookies, filtering on that should be pretty easy

[christoph...@gmail.com]

Thank you very much. This solves my issue.