Make Secure-local-cookies work in CLI as well

ramki-bruno · ramki-bruno · commit 2c3d2ff6a74d · 2025-05-23T13:49:56.000+05:30
diff --git a/packages/bruno-cli/src/utils/cookies.js b/packages/bruno-cli/src/utils/cookies.js
@@ -1,5 +1,6 @@
 const { Cookie, CookieJar } = require('tough-cookie');
 const each = require('lodash/each');
+const { isPotentiallyTrustworthyOrigin } = require('@usebruno/requests').utils;
 
 const cookieJar = new CookieJar();
 
@@ -11,7 +12,9 @@ const addCookieToJar = (setCookieHeader, requestUrl) => {
 };
 
 const getCookiesForUrl = (url) => {
-  return cookieJar.getCookiesSync(url);
+  return cookieJar.getCookiesSync(url, {
+    secure: isPotentiallyTrustworthyOrigin(url)
+  });
 };
 
 const getCookieStringForUrl = (url) => {
diff --git a/packages/bruno-electron/src/utils/cookies.js b/packages/bruno-electron/src/utils/cookies.js
@@ -1,7 +1,7 @@
 const { Cookie, CookieJar } = require('tough-cookie');
-const { isPotentiallyTrustworthy } = require('./trustworthy-util');
 const each = require('lodash/each');
 const moment = require('moment');
+const { isPotentiallyTrustworthyOrigin } = require('@usebruno/requests').utils;
 
 const cookieJar = new CookieJar();
 
@@ -14,7 +14,7 @@ const addCookieToJar = (setCookieHeader, requestUrl) => {
 
 const getCookiesForUrl = (url) => {
   return cookieJar.getCookiesSync(url, {
-    secure: isPotentiallyTrustworthy(url)
+    secure: isPotentiallyTrustworthyOrigin(url)
   });
 };
 
diff --git a/packages/bruno-requests/src/index.ts b/packages/bruno-requests/src/index.ts
@@ -1 +1,3 @@
 export { addDigestInterceptor, getOAuth2Token } from './auth';
+
+export * as utils from './utils';
diff --git a/packages/bruno-requests/src/utils/cookie-utils.js b/packages/bruno-requests/src/utils/cookie-utils.js
@@ -1,5 +1,5 @@
-const { URL } = require('url');
-const net = require('net');
+const { URL } = require('node:url');
+const net = require('node:net');
 
 const isLoopbackV4 = (address) => {
   // 127.0.0.0/8: first octet = 127
@@ -64,14 +64,16 @@ const hostNoBrackets = (host) => {
  * @returns {boolean}
  * @see {@link https://w3c.github.io/webappsec-secure-contexts/#potentially-trustworthy-origin W3C Spec}
  */
-const isPotentiallyTrustworthy = (urlString) => {
+const isPotentiallyTrustworthyOrigin = (urlString) => {
   let url;
 
   // try ... catch doubles as an opaque origin check
   try {
     url = new URL(urlString);
-  } catch {
-    return false;
+  } catch (e) {
+    if (e instanceof TypeError && e.code === 'ERR_INVALID_URL') {
+      return false;
+    } else throw e;
   }
 
   const scheme = url.protocol.replace(':', '').toLowerCase();
@@ -99,5 +101,5 @@ const isPotentiallyTrustworthy = (urlString) => {
 }
 
 module.exports = {
-    isPotentiallyTrustworthy
+    isPotentiallyTrustworthyOrigin
 };
diff --git a/packages/bruno-requests/src/utils/index.ts b/packages/bruno-requests/src/utils/index.ts
@@ -0,0 +1 @@
+export * from './cookie-utils';

Original file line number	Diff line number	Diff line change
`@@ -1 +1,3 @@`
`1`	`1`	`export { addDigestInterceptor, getOAuth2Token } from './auth';`
	`2`	`+`
	`3`	`+export * as utils from './utils';`