Safari executes redirect before reading all headers

I am currently experiencing strange behavior with 302 redirects and cookies. Safari seems to execute a 302 redirect immediately after reading the "Location" header and before evaluating the following "Set-Cookie" header. On some devices in Browserstack it works, on others, it doesn't.

The cookie is still read, but it is only available for the following requests, not yet for the redirect itself. Since this happens during the login, the first request after the login results in a 403, but reloading helps. It is not a general problem since it works on some devices that use the exact same OS and Safari version. Presumably, slower devices work.

Is there a way to change this behavior or do I need Safari to be fixed by Apple?

Answers

In those some do/some don't examples, I'd wonder if caches are a factor.


Are you checking last visit? Do your set values expire?

If this behavior is unexpected, I recommend you file a report at bugreport.apple.com with more specifics, such as a HAR archive from Web Inspector. Without actual diagnostics and logging, it would be difficult to diagnose what is happening inside Safari.