From 71ab43e5cb00b92b8940e239673d01f366dc41cc Mon Sep 17 00:00:00 2001
From: Ahmed TAHRI <ahmed.tahri@cloudnursery.dev>
Date: Wed, 22 May 2024 07:56:45 +0200
Subject: [PATCH] fix test_secure_cookies_on_localhost case

non https server were expected to receive "secure" cookies...? this seems to be a bug that lied in Requests for quite some time.
---
 CHANGELOG.md           |  1 +
 tests/test_sessions.py | 12 +++++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f677b07358..cd0368dca2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -29,6 +29,7 @@ This project adheres to [Semantic Versioning](https://semver.org/).
   From the HTTPie user perspective, they are "prettified" on the output by default. e.g. "x-hello-world" is displayed as "X-Hello-World".
 - Fixed multipart form data having filename not rfc2231 compliant when name contain non-ascii characters. ([#1401](https://github.com/httpie/cli/issues/1401))
 - Fixed issue where the configuration directory was not created at runtime that made the update fetcher run everytime. ([#1527](https://github.com/httpie/cli/issues/1527))
+- Fixed cookie persistence in HTTPie session when targeting localhost. They were dropped due to the standard library. ([#1527](https://github.com/httpie/cli/issues/1527))
 
 Existing plugins are expected to work without any changes. The only caveat would be that certain plugin explicitly require `requests`.
 Future contributions may be made in order to relax the constraints where applicable.
diff --git a/tests/test_sessions.py b/tests/test_sessions.py
index aa5243487d..83cc5385a8 100644
--- a/tests/test_sessions.py
+++ b/tests/test_sessions.py
@@ -822,19 +822,27 @@ def test_session_multiple_headers_with_same_name(basic_session, httpbin):
     [
         (
             'localhost_http_server',
-            {'secure_cookie': 'foo', 'insecure_cookie': 'bar'}
+            {'insecure_cookie': 'bar'}
         ),
         (
             'remote_httpbin',
             {'insecure_cookie': 'bar'}
+        ),
+        (
+            'httpbin_secure_untrusted',
+            {'secure_cookie': 'foo', 'insecure_cookie': 'bar'}
         )
     ]
 )
 def test_secure_cookies_on_localhost(mock_env, tmp_path, server, expected_cookies, request):
     server = request.getfixturevalue(server)
     session_path = tmp_path / 'session.json'
+    server = str(server).replace('127.0.0.1', 'localhost')
+    additional_args = ['--verify=no'] if "https" in server else []
+
     http(
         '--session', str(session_path),
+        *additional_args,
         server + '/cookies/set',
         'secure_cookie==foo',
         'insecure_cookie==bar'
@@ -847,6 +855,8 @@ def test_secure_cookies_on_localhost(mock_env, tmp_path, server, expected_cookie
 
     r = http(
         '--session', str(session_path),
+        *additional_args,
         server + '/cookies'
     )
+
     assert r.json == {'cookies': expected_cookies}