[fix] Cannot send secure cookie over unencrypted connection
jgcmarins opened this issue · comments
Describe the bug
Node.js version: v18.17.1
OS version: macOS 13.5.2 (22G91)
Description: I am trying to test against a Koa API that sets a HTTP cookie with a secure flag true, but when the API does that, I get the error "Cannot send the secure cookie over unencrypted connection".
I know the cookie module throws this error, but the problem is related to the supertest request which is a HTTP request, not a HTTPS.
Actual behavior
- Supertest request does not support secure HTTP request
Expected behavior
- Supertest request supports HTTP request
Code to reproduce
setCookie function
const DEFAULT_MAX_AGE = 7 * 24 * 60 * 60 * 100;
export const setCookie =
(koaContext: Context) =>
(cookieName: string, token: string, maxAge: number = DEFAULT_MAX_AGE) => {
try {
const domain = null;
const secure = config.NODE_ENV !== 'development';
const sameSite = config.APP_ENV === 'development' ? 'Lax' : 'None';
const options = {
httpOnly: true,
overwrite: true,
maxAge,
secure,
domain,
signed: false,
sameSite,
};
koaContext.cookies.set(cookieName, token, options);
} catch (err) {
console.log('set cookie failed: ', err);
}
};
supertest request
const response = await request(app.callback())
.post('/api')
.set({
Accept: 'application/json',
'Content-Type': 'application/json',
})
.send(JSON.stringify(payload));
Checklist
- I have searched through GitHub issues for similar issues.
- I have completely read through the README and documentation.
- I have tested my code with the latest version of Node.js and this package and confirmed it is still not working.