support secure cookie option for identity cookies (#577)

* support secure cookie option for identity cookies * add changeset
segmentio · Aug 11, 2022 · 8d48bdc · 8d48bdc
1 parent 48f3c0b
commit 8d48bdc
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 0 deletions.
diff --git a/.changeset/dry-vans-worry.md b/.changeset/dry-vans-worry.md
@@ -0,0 +1,5 @@
+---
+'@segment/analytics-next': patch
+---
+
+Fixes an issue where the 'secure' cookie setting was not being applied correctly when specified.
diff --git a/packages/browser/src/core/user/__tests__/index.test.ts b/packages/browser/src/core/user/__tests__/index.test.ts
@@ -513,6 +513,22 @@ describe('user', () => {
       expect(cookie['options'].domain).toBe('foo')
       expect(cookie['options'].secure).toBe(true)
       expect(cookie['options'].path).toBe('/test')
+      expect(cookie['options'].secure).toBe(true)
+    })
+
+    it('should pass options when creating cookie', () => {
+      const jarSpy = jest.spyOn(jar, 'set')
+      const cookie = new Cookie({ domain: 'foo', secure: true, path: '/test' })
+
+      cookie.set('foo', 'bar')
+
+      expect(jarSpy).toHaveBeenCalledWith('foo', 'bar', {
+        domain: 'foo',
+        expires: 365,
+        path: '/test',
+        sameSite: 'Lax',
+        secure: true,
+      })
     })
   })
 

diff --git a/packages/browser/src/core/user/index.ts b/packages/browser/src/core/user/index.ts
@@ -92,6 +92,7 @@ export class Cookie extends Store {
       expires: this.options.maxage,
       domain: this.options.domain,
       path: this.options.path,
+      secure: this.options.secure,
     }
   }