Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add option to remove the 'secure' attribute from cookies #1166

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
4 participants
@edmorley
Copy link

edmorley commented May 10, 2017

This allows cookies proxied from HTTPS sites to be used by a non-HTTPS localhost development environment.

A new removeCookieProperty() helper has been added since the existing rewriteCookieProperty():

  • can't handle attributes that have no value (since the regex expects an =, and changing that would break the current implemention)
  • doesn't really make sense for outright removing an attribute regardless of any value

Fixes #1165.

@edmorley

This comment has been minimized.

Copy link
Author

edmorley commented May 10, 2017

The Travis run is failing on node 0.10/0.12, however that's unrelated to this PR - see #1167.

@DaxChen

This comment has been minimized.

Copy link

DaxChen commented Sep 7, 2017

👍 +1 for this, any plans if this will be merged and releases?

@fritx

This comment has been minimized.

Copy link

fritx commented Sep 12, 2017

+1 for PR (option cookieRemoveSecure), duplicated with (for) issue: #1165

Before the PR my current workaround is:

proxyTable: {
  '/api': {
    target: 'https://xxx',
    // https://stackoverflow.com/questions/35686091/how-can-i-proxy-to-a-ssl-endpoint-with-the-webpack-dev-server-proxy
    secure: false,
    changeOrigin: true,
    cookieDomainRewrite: '',
    // https://github.com/nodejitsu/node-http-proxy/pull/1166
    onProxyRes: (proxyRes) => {
      let removeSecure = str => str.replace(/; Secure/i, '')
      let set = proxyRes.headers['set-cookie']
      if (set) {
        let result = Array.isArray(set)
          ? set.map(removeSecure)
          : removeSecure(set)
        proxyRes.headers['set-cookie'] = result
      }
    }
  }
}
@adarshaj

This comment has been minimized.

Copy link

adarshaj commented Mar 19, 2018

Looking forward for this one to be merged!

Add option to remove the 'secure' attribute from cookies
This allows cookies proxied from HTTPS sites to be used by a
non-HTTPS localhost development environment.

Fixes #1165.

@edmorley edmorley force-pushed the edmorley:cookie-remove-secure branch from eb86fa1 to f373f17 May 9, 2018

@edmorley

This comment has been minimized.

Copy link
Author

edmorley commented May 9, 2018

I've rebased this on master (there were conflicts from the recent merges).

@jcrugzz / @indexzero I don't suppose you could take a look when you have a spare moment? (Tomorrow will be the one-year anniversary of this PR hehe :-))

@edmorley

This comment has been minimized.

Copy link
Author

edmorley commented Jul 13, 2018

@jcrugzz, sorry to pester - but would you mind taking a look at this PR? :-)

@edmorley

This comment has been minimized.

Copy link
Author

edmorley commented Aug 15, 2018

Is there anything we can do to help with the review/merge of this? :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.