fix test_secure_cookies_on_localhost case

non https server were expected to receive "secure" cookies...? this seems to be a bug that lied in Requests for quite some time.
Ousret · May 22, 2024 · 71ab43e · 71ab43e
1 parent 007234f
commit 71ab43e
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -29,6 +29,7 @@ This project adheres to [Semantic Versioning](https://semver.org/).
   From the HTTPie user perspective, they are "prettified" on the output by default. e.g. "x-hello-world" is displayed as "X-Hello-World".
 - Fixed multipart form data having filename not rfc2231 compliant when name contain non-ascii characters. ([#1401](https://github.com/httpie/cli/issues/1401))
 - Fixed issue where the configuration directory was not created at runtime that made the update fetcher run everytime. ([#1527](https://github.com/httpie/cli/issues/1527))
+- Fixed cookie persistence in HTTPie session when targeting localhost. They were dropped due to the standard library. ([#1527](https://github.com/httpie/cli/issues/1527))
 
 Existing plugins are expected to work without any changes. The only caveat would be that certain plugin explicitly require `requests`.
 Future contributions may be made in order to relax the constraints where applicable.

diff --git a/tests/test_sessions.py b/tests/test_sessions.py
@@ -822,19 +822,27 @@ def test_session_multiple_headers_with_same_name(basic_session, httpbin):
     [
         (
             'localhost_http_server',
-            {'secure_cookie': 'foo', 'insecure_cookie': 'bar'}
+            {'insecure_cookie': 'bar'}
         ),
         (
             'remote_httpbin',
             {'insecure_cookie': 'bar'}
+        ),
+        (
+            'httpbin_secure_untrusted',
+            {'secure_cookie': 'foo', 'insecure_cookie': 'bar'}
         )
     ]
 )
 def test_secure_cookies_on_localhost(mock_env, tmp_path, server, expected_cookies, request):
     server = request.getfixturevalue(server)
     session_path = tmp_path / 'session.json'
+    server = str(server).replace('127.0.0.1', 'localhost')
+    additional_args = ['--verify=no'] if "https" in server else []
+
     http(
         '--session', str(session_path),
+        *additional_args,
         server + '/cookies/set',
         'secure_cookie==foo',
         'insecure_cookie==bar'
@@ -847,6 +855,8 @@ def test_secure_cookies_on_localhost(mock_env, tmp_path, server, expected_cookie
 
     r = http(
         '--session', str(session_path),
+        *additional_args,
         server + '/cookies'
     )
+
     assert r.json == {'cookies': expected_cookies}