fix(): fix cookie same site issue

weareoutman · weareoutman · commit 96c20c7d8d91 · 2025-04-30T10:15:52.000+08:00
diff --git a/packages/brick-container/serve/getProxy.js b/packages/brick-container/serve/getProxy.js
@@ -116,19 +116,16 @@ export default function getProxy(env, getRawIndexHtml) {
               req.path === "/next/api/auth/login/v2" &&
               Array.isArray(setCookies)
             ) {
-              // - If the server is https, but the local is http, clear the secure cookie flags;
-              // - Otherwise, if the local is localhost and cookieSameSiteNone is enabled (default),
+              // - If the local is localhost and cookieSameSiteNone is enabled (default),
               //   add the secure cookie flags;
               // - Otherwise, if the local is https, do nothing;
               // - Otherwise, clear the secure cookie flags;
               const strategy =
-                env.server.startsWith("https:") && !env.https
-                  ? "clear"
-                  : env.cookieSameSiteNone && env.host === "localhost"
-                    ? "add"
-                    : env.https
-                      ? null
-                      : "clear";
+                env.cookieSameSiteNone && env.host === "localhost"
+                  ? "add"
+                  : env.https
+                    ? null
+                    : "clear";
               if (strategy) {
                 // Note: it seems that now Chrome (v107) requires `SameSite=None` even for localhost.
                 // However, `Secure` can use used with non-http for localhost.
