fix cookies' secure detect

This commit is contained in:
dead_horse 2015-12-02 23:13:01 +08:00
parent 93c356ac7c
commit b5c1a60ac3
4 changed files with 46 additions and 2 deletions

View file

@ -157,7 +157,10 @@ app.createContext = function(req, res){
response.request = request;
context.onerror = context.onerror.bind(context);
context.originalUrl = request.originalUrl = req.url;
context.cookies = new Cookies(req, res, this.keys);
context.cookies = new Cookies(req, res, {
keys: this.keys,
secure: request.secure
});
context.accept = request.accept = accepts(req);
context.state = {};
return context;

View file

@ -23,7 +23,7 @@
"composition": "^2.1.1",
"content-disposition": "~0.5.0",
"content-type": "^1.0.0",
"cookies": "~0.5.0",
"cookies": "~0.6.1",
"debug": "*",
"delegates": "^1.0.0",
"destroy": "^1.0.3",

View file

@ -8,6 +8,8 @@ exports = module.exports = function(req, res){
var socket = new Stream.Duplex();
req = req || { headers: {}, socket: socket, __proto__: Stream.Readable.prototype };
res = res || { _headers: {}, socket: socket, __proto__: Stream.Writable.prototype };
req.socket = req.socket || socket;
res.socket = res.socket || socket;
res.getHeader = function(k){ return res._headers[k.toLowerCase()] };
res.setHeader = function(k, v){ res._headers[k.toLowerCase()] = v };
res.removeHeader = function(k, v){ delete res._headers[k.toLowerCase()] };

View file

@ -80,4 +80,43 @@ describe('ctx.cookies.set()', function(){
})
})
})
describe('with secure', function(){
it('should get secure from request', function(done){
var app = koa();
app.proxy = true;
app.keys = ['a', 'b'];
app.use(function *(next){
this.cookies.set('name', 'jon', { signed: true });
this.status = 204;
})
var server = app.listen();
request(server)
.get('/')
.set('x-forwarded-proto', 'https') // mock secure
.expect(204)
.end(function(err, res){
if (err) return done(err);
var cookies = res.headers['set-cookie'];
cookies.some(function(cookie){
return /^name=/.test(cookie);
}).should.be.ok;
cookies.some(function(cookie){
return /^name\.sig=/.test(cookie);
}).should.be.ok;
cookies.every(function(cookie){
return /secure/.test(cookie);
}).should.be.ok;
done();
})
})
})
})