From 1e31767b511502190f217e3f1aec6ce74e245d63 Mon Sep 17 00:00:00 2001 From: Fabian Topfstedt Date: Tue, 4 Dec 2018 10:51:52 +0100 Subject: [PATCH] [1759] Ingress affinity session cookie with Secure flag for HTTPS Signed-off-by: Fabian Topfstedt --- rootfs/etc/nginx/lua/balancer/sticky.lua | 1 + rootfs/etc/nginx/lua/test/balancer/sticky_test.lua | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/rootfs/etc/nginx/lua/balancer/sticky.lua b/rootfs/etc/nginx/lua/balancer/sticky.lua index b12252b67..1b82e5efd 100644 --- a/rootfs/etc/nginx/lua/balancer/sticky.lua +++ b/rootfs/etc/nginx/lua/balancer/sticky.lua @@ -54,6 +54,7 @@ local function set_cookie(self, value) path = cookie_path, domain = ngx.var.host, httponly = true, + secure = ngx.var.https == "on", } if self.cookie_expires and self.cookie_expires ~= "" then diff --git a/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua b/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua index 469d82346..ed2040b20 100644 --- a/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua +++ b/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua @@ -40,7 +40,7 @@ end describe("Sticky", function() before_each(function() - mock_ngx({ var = { location_path = "/", host = "test.com" } }) + mock_ngx({ var = { location_path = "/", host = "test.com", https = "on" } }) end) after_each(function() @@ -102,7 +102,6 @@ describe("Sticky", function() cookie.new = mocked_cookie_new end) - context("when client doesn't have a cookie set and location is in cookie_locations", function() it("picks an endpoint for the client", function() local sticky_balancer_instance = sticky:new(test_backend) @@ -122,6 +121,7 @@ describe("Sticky", function() assert.equal(payload.path, ngx.var.location_path) assert.equal(payload.domain, ngx.var.host) assert.equal(payload.httponly, true) + assert.equal(payload.secure, true) return true, nil end, get = function(k) return false end,