diff --git a/lib/application.js b/lib/application.js
index ef3533e56..bc1e73317 100644
--- a/lib/application.js
+++ b/lib/application.js
@@ -153,7 +153,8 @@ app.createContext = function(req, res){
   response.request = request;
   context.onerror = context.onerror.bind(context);
   context.originalUrl = request.originalUrl = req.url;
-  context.cookies = new Cookies(req, res, this.keys);
+  // pass `Request` because of `Cookies` need to read `request.protocol`
+  context.cookies = new Cookies(request, res, this.keys);
   context.accept = request.accept = accepts(req);
   context.state = {};
   return context;
diff --git a/lib/context.js b/lib/context.js
index 88b0cf275..4ff39abe4 100644
--- a/lib/context.js
+++ b/lib/context.js
@@ -173,6 +173,7 @@ delegate(proto, 'request')
   .access('querystring')
   .access('idempotent')
   .access('socket')
+  .access('connection')
   .access('search')
   .access('method')
   .access('query')
diff --git a/lib/request.js b/lib/request.js
index 0505c578b..bec7b7796 100644
--- a/lib/request.js
+++ b/lib/request.js
@@ -308,6 +308,16 @@ module.exports = {
     return this.req.socket;
   },
 
+  /**
+   * Return the request connection.
+   *
+   * @return {connection}
+   * @api public
+   */
+  get connection() {
+    return this.req.connection;
+  },
+
   /**
    * Get the charset when present or undefined.
    *
diff --git a/test/context.js b/test/context.js
index 87b4bd834..c86269966 100644
--- a/test/context.js
+++ b/test/context.js
@@ -6,7 +6,7 @@ var koa = require('..');
 
 exports = module.exports = function(req, res){
   var socket = new Stream.Duplex();
-  req = req || { headers: {}, socket: socket, __proto__: Stream.Readable.prototype };
+  req = req || { headers: {}, socket: socket, connection: socket, __proto__: Stream.Readable.prototype };
   res = res || { _headers: {}, socket: socket, __proto__: Stream.Writable.prototype };
   res.getHeader = function(k){ return res._headers[k.toLowerCase()] };
   res.setHeader = function(k, v){ res._headers[k.toLowerCase()] = v };
diff --git a/test/context/cookies.js b/test/context/cookies.js
index 9097bf1b0..364c644cc 100644
--- a/test/context/cookies.js
+++ b/test/context/cookies.js
@@ -80,4 +80,45 @@ describe('ctx.cookies.set()', function(){
       })
     })
   })
+
+  describe('with secure', function(){
+    it('should get secure from request', function(done){
+      var app = koa();
+
+      app.keys = ['a', 'b'];
+      app.proxy = true;
+
+      app.use(function *(next){
+        // mock secure
+        this.req.headers['x-forwarded-proto'] = 'https';
+        this.cookies.set('name', 'jon', { signed: true });
+        this.status = 204;
+      })
+
+      var server = app.listen();
+
+      request(server)
+      .get('/')
+      .expect(204)
+      .end(function(err, res){
+        if (err) return done(err);
+
+        var cookies = res.headers['set-cookie'];
+
+        cookies.some(function(cookie){
+          return /^name=/.test(cookie);
+        }).should.be.ok;
+
+        cookies.some(function(cookie){
+          return /^name\.sig=/.test(cookie);
+        }).should.be.ok;
+
+        cookies.every(function(cookie){
+          return /secure/.test(cookie);
+        }).should.be.ok;
+
+        done();
+      })
+    })
+  })
 })
diff --git a/test/request/connection.js b/test/request/connection.js
new file mode 100644
index 000000000..e40430149
--- /dev/null
+++ b/test/request/connection.js
@@ -0,0 +1,12 @@
+
+'use strict';
+
+var request = require('../context').request;
+var Stream = require('stream');
+
+describe('req.connection', function(){
+  it('should return the request connection object', function(){
+    var req = request();
+    req.connection.should.be.instanceOf(Stream);
+  })
+})