debug: adds debug statements related to Set-Cookie and issecure

abacaphiliac · abacaphiliac · commit a364cb1b782d · 2024-06-12T18:28:49.000-07:00
diff --git a/index.js b/index.js
@@ -228,6 +228,7 @@ function session(options) {
       }
 
       if (!shouldSetCookie(req)) {
+        debug('should not set cookie');
         return;
       }
 
@@ -240,6 +241,7 @@ function session(options) {
       if (!touched) {
         // touch session
         req.session.touch()
+        debug('touch session');
         touched = true
       }
 
@@ -631,17 +633,21 @@ function hash(sess) {
 function issecure(req, trustProxy) {
   // socket is https server
   if (req.connection && req.connection.encrypted) {
+    debug('connection encrypted');
     return true;
   }
 
   // do not trust proxy
   if (trustProxy === false) {
+    debug('proxy untrusted');
     return false;
   }
 
   // no explicit trust; try req.secure from express
   if (trustProxy !== true) {
-    return req.secure === true
+    var reqSecure = req.secure === true
+    debug('request %s', reqSecure ? 'secure' : 'insecure');
+    return reqSecure
   }
 
   // read the proto from x-forwarded-proto header
@@ -651,7 +657,9 @@ function issecure(req, trustProxy) {
     ? header.substr(0, index).toLowerCase().trim()
     : header.toLowerCase().trim()
 
-  return proto === 'https';
+  var protoSecure = proto === 'https';
+  debug('protocol %s', protoSecure ? 'secure' : 'insecure');
+  return protoSecure;
 }
 
 /**

Original file line number	Diff line number	Diff line change
`@@ -228,6 +228,7 @@ function session(options) {`
`228`	`228`	`}`
`229`	`229`
`230`	`230`	`if (!shouldSetCookie(req)) {`
	`231`	`+ debug('should not set cookie');`
`231`	`232`	`return;`
`232`	`233`	`}`
`233`	`234`
`@@ -240,6 +241,7 @@ function session(options) {`
`240`	`241`	`if (!touched) {`
`241`	`242`	`// touch session`
`242`	`243`	`req.session.touch()`
	`244`	`+ debug('touch session');`
`243`	`245`	`touched = true`
`244`	`246`	`}`
`245`	`247`
`@@ -631,17 +633,21 @@ function hash(sess) {`
`631`	`633`	`function issecure(req, trustProxy) {`
`632`	`634`	`// socket is https server`
`633`	`635`	`if (req.connection && req.connection.encrypted) {`
	`636`	`+ debug('connection encrypted');`
`634`	`637`	`return true;`
`635`	`638`	`}`
`636`	`639`
`637`	`640`	`// do not trust proxy`
`638`	`641`	`if (trustProxy === false) {`
	`642`	`+ debug('proxy untrusted');`
`639`	`643`	`return false;`
`640`	`644`	`}`
`641`	`645`
`642`	`646`	`// no explicit trust; try req.secure from express`
`643`	`647`	`if (trustProxy !== true) {`
`644`		`- return req.secure === true`
	`648`	`+ var reqSecure = req.secure === true`
	`649`	`+ debug('request %s', reqSecure ? 'secure' : 'insecure');`
	`650`	`+ return reqSecure`
`645`	`651`	`}`
`646`	`652`
`647`	`653`	`// read the proto from x-forwarded-proto header`
`@@ -651,7 +657,9 @@ function issecure(req, trustProxy) {`
`651`	`657`	`? header.substr(0, index).toLowerCase().trim()`
`652`	`658`	`: header.toLowerCase().trim()`
`653`	`659`
`654`		`- return proto === 'https';`
	`660`	`+ var protoSecure = proto === 'https';`
	`661`	`+ debug('protocol %s', protoSecure ? 'secure' : 'insecure');`
	`662`	`+ return protoSecure;`
`655`	`663`	`}`
`656`	`664`
`657`	`665`	`/**`