proxyds: delete cookies except those listed in keepCookies

pkg/api/pluginproxy/ds_proxy.go

@@ -135,9 +135,24 @@ func (proxy *DataSourceProxy) getDirector() func(req *http.Request) {
 			req.Header.Add("Authorization", dsAuth)
 		}
 
-		// clear cookie headers
+		// clear cookie header, except for whitelisted cookies
+		var keptCookies []*http.Cookie
+		if proxy.ds.JsonData != nil {
+			if keepCookies := proxy.ds.JsonData.Get("keepCookies"); keepCookies != nil {
+				keepCookieNames := keepCookies.MustStringArray()
+				for _, c := range req.Cookies() {
+					for _, v := range keepCookieNames {
+						if c.Name == v {
+							keptCookies = append(keptCookies, c)
+						}
+					}
+				}
+			}
+		}
 		req.Header.Del("Cookie")
-		req.Header.Del("Set-Cookie")
+		for _, c := range keptCookies {
+			req.AddCookie(c)
+		}
 
 		// clear X-Forwarded Host/Port/Proto headers
 		req.Header.Del("X-Forwarded-Host")

pkg/api/pluginproxy/ds_proxy_test.go

@@ -152,8 +152,7 @@ func TestDSRouteRule(t *testing.T) {
 		Convey("When proxying a data source with no keepCookies specified", func() {
 			plugin := &plugins.DataSourcePlugin{}
 
-			json := simplejson.New()
+			json, _ := simplejson.NewJson([]byte(`{"keepCookies": []}`))
-			json.Set("keepCookies", []string{})
 
 			ds := &m.DataSource{
 				Type:     m.DS_GRAPHITE,
@@ -179,8 +178,7 @@ func TestDSRouteRule(t *testing.T) {
 		Convey("When proxying a data source with keep cookies specified", func() {
 			plugin := &plugins.DataSourcePlugin{}
 
-			json := simplejson.New()
+			json, _ := simplejson.NewJson([]byte(`{"keepCookies": ["JSESSION_ID"]}`))
-			json.Set("keepCookies", []string{"JSESSION_ID"})
 
 			ds := &m.DataSource{
 				Type:     m.DS_GRAPHITE,
@@ -199,7 +197,7 @@ func TestDSRouteRule(t *testing.T) {
 			proxy.getDirector()(&req)
 
 			Convey("Should keep named cookies", func() {
-				So(req.Header.Get("Cookie"), ShouldEqual, "JSESSION=test")
+				So(req.Header.Get("Cookie"), ShouldEqual, "JSESSION_ID=test")
 			})
 		})