Fetch request concatenates Cookie headers with comma instead of semicolon

[Qantas94Heavy]

Version

19.6.0

Platform

Darwin MBP.local 22.2.0 Darwin Kernel Version 22.2.0: Fri Nov 11 02:08:47 PST 2022; root:xnu-8792.61.2~4/RELEASE_X86_64 x86_64

Subsystem

No response

What steps will reproduce the bug?

When specifying multiple Cookie headers for a fetch request, the headers will be concatenated using commas instead of semicolons. While this is technically compliant with the WHATWG spec, that spec is based around browser use and causes a risk of incorrect handling by the receiving server.

Example:

fetch('http://localhost:8080/', {
  headers: [
    ['cookie', 'FOO=lorem-ipsum-dolor-sit-amet'],
    ['cookie', 'BAR=the-quick-brown-fox']
  ]
});

How often does it reproduce? Is there a required condition?

No response

What is the expected behavior?

Cookies are separated by semicolons (;).

GET / HTTP/1.1
host: localhost:8080
connection: keep-alive
cookie: FOO=lorem-ipsum-dolor-sit-amet; BAR=the-quick-brown-fox
...

What do you see instead?

Cookies are separated by commas (,).

GET / HTTP/1.1
host: localhost:8080
connection: keep-alive
cookie: FOO=lorem-ipsum-dolor-sit-amet, BAR=the-quick-brown-fox
...

Additional information

Similar issue but on the receiving end: nodejs/node#11256

[aduh95]

What is the expected behavior?

GET / HTTP/1.1
host: localhost:8080
connection: keep-alive
cookie: FOO=lorem-ipsum-dolor-sit-amet; BAR=the-quick-brown-fox
...

What do you see instead?

GET / HTTP/1.1
host: localhost:8080
connection: keep-alive
cookie: FOO=lorem-ipsum-dolor-sit-amet; BAR=the-quick-brown-fox
...

Both look exactly similar, is it because of a missed copy-pasting?

[marco-ippolito]

Node behavior with http.request with cookies is to use ; separator.
Undici fetch behavior is to use , separator.

[Qantas94Heavy]

Both look exactly similar, is it because of a missed copy-pasting?

Apologies, that was a mistake! 😞 I've edited the original post to reflect this.