From cb3346f0358eeb9b7b8c37405f4473efa8c297f4 Mon Sep 17 00:00:00 2001
From: Mohamed Akram
Date: Thu, 21 Mar 2024 19:25:51 +0400
Subject: [PATCH] fix: use request.protocol to check for HTTPS (#282)
---
 plugin.js | 9 +--------
 test/cookie.test.js | 2 +-
 2 files changed, 2 insertions(+), 9 deletions(-)
diff --git a/plugin.js b/plugin.js
index a3a6130..c33003f 100644
--- a/plugin.js
+++ b/plugin.js
@@ -22,7 +22,7 @@ function fastifyCookieSetCookie (reply, name, value, options) {
 }
 if (opts.secure === 'auto') {
- if (isConnectionSecure(reply.request)) {
+ if (reply.request.protocol === 'https') {
 opts.secure = true
 } else {
 opts.sameSite = 'lax'
@@ -187,13 +187,6 @@ function getHook (hook = 'onRequest') {
 return hooks[hook]
 }
-function isConnectionSecure (request) {
- return (
- request.raw.socket?.encrypted === true ||
- request.headers['x-forwarded-proto'] === 'https'
- )
-}
-
 const fastifyCookie = fp(plugin, {
 fastify: '4.x',
 name: '@fastify/cookie'
diff --git a/test/cookie.test.js b/test/cookie.test.js
index b045747..1965dd5 100644
--- a/test/cookie.test.js
+++ b/test/cookie.test.js
@@ -854,7 +854,7 @@ test('create signed cookie manually using signCookie decorator', async (t) => {
 })
 test('handle secure:auto of cookieOptions', async (t) => {
- const fastify = Fastify()
+ const fastify = Fastify({ trustProxy: true })
 await fastify.register(plugin)
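Review bot: With `reply.request.protocol === 'https'` in the `opts.secure === 'auto'` branch of plugin.js, an app behind a TLS-terminating proxy that has not enabled Fastify's `trustProxy` now takes the `else` branch, so its cookies go out without `Secure`; the removed helper honoured `x-forwarded-proto` unconditionally. Dropping the unconditional header trust is sound, but the downgrade is silent and the diffstat lists no README change, so I would document the requirement and add a comment above the check such as `// request.protocol reflects X-Forwarded-Proto only when trustProxy is enabled; without it a proxied HTTPS request resolves 'auto' to non-secure`. The updated case in test/cookie.test.js only shows `trustProxy: true`. A companion case with the default setting and a client-supplied `x-forwarded-proto: https` header, asserting that `Secure` is not set, would pin the new behaviour; the test body lies outside the hunk, so this may already be covered. `fastifyCookieSetCookie` also continues beyond the hunk.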