Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(clerk-js): Force devBrowser to create suffixed cookies #4776

Merged
merged 4 commits into from
Dec 16, 2024
Merged

fix(clerk-js): Force devBrowser to create suffixed cookies #4776

merged 4 commits into from
Dec 16, 2024

Conversation

panteliselef
Copy link
Member

Description

Previously, if Clerk JS was loaded in an environment where:

  1. A __clerk_db_jwt cookie existed
  2. That cookie was tied to a different instance or publishable key, and
  3. Only an unsuffixed devBrowser version was available (while the suffixed version was missing),

the mismatch between the loaded publishable key and the existing database JWT caused the application to break. We would attempt to load the Client and Environment even though the existing cookie (JWT) did not match our active environment.

This issue affects only CSR application or application that do not run below a clerk middleware with handshake support. (nextjs apps are not affected).

Checklist

  • pnpm test runs as expected.
  • pnpm build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

@panteliselef panteliselef self-assigned this Dec 13, 2024
@vercel Vercel
Copy link

vercel bot commented Dec 13, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
clerk-js-sandbox ✅ Ready (Inspect) Visit Preview 💬 Add feedback Dec 16, 2024 4:38pm

@panteliselef panteliselef requested a review from a team December 13, 2024 14:42
anagstef
anagstef reviewed Dec 16, 2024
View reviewed changes
packages/clerk-js/src/core/auth/cookies/devBrowser.ts Outdated
const get = () => suffixedDevBrowserCookie.get() || devBrowserCookie.get();
const get = (mode?: 'only-suffixed') => {
if (mode === 'only-suffixed') {
suffixedDevBrowserCookie.get();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@panteliselef Maybe a typo? 😬

Suggested change
suffixedDevBrowserCookie.get();
return suffixedDevBrowserCookie.get();

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are correct, i must removed it by mistake, i verified that without return it would break. So the change is verified that works.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Dec 16, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 0154d0d

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
@clerk/clerk-js Patch
@clerk/chrome-extension Patch
@clerk/clerk-expo Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@panteliselef panteliselef merged commit fa82b43 into main Dec 16, 2024
29 checks passed
@panteliselef panteliselef deleted the elef/sdki-806-discrepancy-in-handling-_clerk_db_jwt-between-handshake-and branch December 16, 2024 17:05
@clerk-cookie clerk-cookie mentioned this pull request Dec 16, 2024
Merged
@panteliselef
Copy link
Member Author

!snapshot

@clerk-cookie
Copy link
Collaborator

Hey @panteliselef - the snapshot version command generated the following package versions:

Package Version
@clerk/chrome-extension 2.1.3-snapshot.v20241216215637
@clerk/clerk-js 5.43.0-snapshot.v20241216215637
@clerk/clerk-expo 2.6.2-snapshot.v20241216215637
@clerk/localizations 3.9.3-snapshot.v20241216215637
@clerk/nuxt 0.1.3-snapshot.v20241216215637
@clerk/remix 4.4.3-snapshot.v20241216215637
@clerk/ui 0.3.3-snapshot.v20241216215637
@clerk/vue 0.1.3-snapshot.v20241216215637

Tip: Use the snippet copy button below to quickly install the required packages.
@clerk/chrome-extension

npm i @clerk/[email protected] --save-exact

@clerk/clerk-js

npm i @clerk/[email protected] --save-exact

@clerk/clerk-expo

npm i @clerk/[email protected] --save-exact

@clerk/localizations

npm i @clerk/[email protected] --save-exact

@clerk/nuxt

npm i @clerk/[email protected] --save-exact

@clerk/remix

npm i @clerk/[email protected] --save-exact

@clerk/ui

npm i @clerk/[email protected] --save-exact

@clerk/vue

npm i @clerk/[email protected] --save-exact

BRKalow added a commit that referenced this pull request Dec 17, 2024
@BRKalow
Revert "fix(clerk-js): Force devBrowser to create suffixed cookies (#…
3a9c97e 
…4776)"

This reverts commit fa82b43.
BRKalow added a commit that referenced this pull request Dec 17, 2024
@BRKalow
fix(clerk-js): Revert #4776 (#4797)
2b57c39
@clerk-cookie clerk-cookie mentioned this pull request Dec 17, 2024
Merged
BRKalow added a commit that referenced this pull request Dec 20, 2024
@BRKalow
fix(clerk-js): Revert #4776 (#4797)
33409f1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anagstef anagstef anagstef approved these changes

Assignees

@panteliselef panteliselef

Labels
clerk-js
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@panteliselef @clerk-cookie @anagstef