wip: add support for https with draft mode

packages/next/src/client/components/request-async-storage.external.ts

@@ -17,6 +17,7 @@ export interface RequestStore {
     Record<string, { files: string[] }>
   >
   readonly assetPrefix: string
+  readonly experimentalHttpsServer: boolean
 }
 
 export type RequestAsyncStorage = AsyncLocalStorage<RequestStore>

packages/next/src/server/api-utils/index.ts

@@ -107,12 +107,16 @@ export function clearPreviewData<T>(
   res: NextApiResponse<T>,
   options: {
     path?: string
+    experimentalHttpsServer: boolean
   } = {}
 ): NextApiResponse<T> {
   if (SYMBOL_CLEARED_COOKIES in res) {
     return res
   }
 
+  const secure = Boolean(
+    process.env.NODE_ENV !== 'development' || options.experimentalHttpsServer
+  )
   const { serialize } =
     require('next/dist/compiled/cookie') as typeof import('cookie')
   const previous = res.getHeader('Set-Cookie')
@@ -128,8 +132,8 @@ export function clearPreviewData<T>(
       // `Max-Age: 0` is not valid, thus ignored, and the cookie is persisted.
       expires: new Date(0),
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
       ...(options.path !== undefined
         ? ({ path: options.path } as CookieSerializeOptions)
@@ -141,8 +145,8 @@ export function clearPreviewData<T>(
       // `Max-Age: 0` is not valid, thus ignored, and the cookie is persisted.
       expires: new Date(0),
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
       ...(options.path !== undefined
         ? ({ path: options.path } as CookieSerializeOptions)

packages/next/src/server/api-utils/node/api-resolver.ts

@@ -133,12 +133,16 @@ function setDraftMode<T>(
   res: NextApiResponse<T>,
   options: {
     enable: boolean
+    experimentalHttpsServer: boolean
     previewModeId?: string
   }
 ): NextApiResponse<T> {
   if (!isValidData(options.previewModeId)) {
     throw new Error('invariant: invalid previewModeId')
   }
+  const secure = Boolean(
+    process.env.NODE_ENV !== 'development' || options.experimentalHttpsServer
+  )
   const expires = options.enable ? undefined : new Date(0)
   // To delete a cookie, set `expires` to a date in the past:
   // https://tools.ietf.org/html/rfc6265#section-4.1.1
@@ -154,8 +158,8 @@ function setDraftMode<T>(
         : []),
     serialize(COOKIE_NAME_PRERENDER_BYPASS, options.previewModeId, {
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
       expires,
     }),
@@ -169,6 +173,7 @@ function setPreviewData<T>(
   options: {
     maxAge?: number
     path?: string
+    experimentalHttpsServer: boolean
   } & __ApiPreviewProps
 ): NextApiResponse<T> {
   if (!isValidData(options.previewModeId)) {
@@ -209,6 +214,9 @@ function setPreviewData<T>(
     )
   }
 
+  const secure = Boolean(
+    process.env.NODE_ENV !== 'development' || options.experimentalHttpsServer
+  )
   const { serialize } =
     require('next/dist/compiled/cookie') as typeof import('cookie')
   const previous = res.getHeader('Set-Cookie')
@@ -220,8 +228,8 @@ function setPreviewData<T>(
         : []),
     serialize(COOKIE_NAME_PRERENDER_BYPASS, options.previewModeId, {
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
       ...(options.maxAge !== undefined
         ? ({ maxAge: options.maxAge } as CookieSerializeOptions)
@@ -232,8 +240,8 @@ function setPreviewData<T>(
     }),
     serialize(COOKIE_NAME_PRERENDER_DATA, payload, {
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
       ...(options.maxAge !== undefined
         ? ({ maxAge: options.maxAge } as CookieSerializeOptions)

packages/next/src/server/async-storage/draft-mode-provider.ts

@@ -23,11 +23,17 @@ export class DraftModeProvider {
    */
   private readonly _mutableCookies: ResponseCookies
 
+  /**
+   * @internal - this declaration is stripped via `tsc --stripInternal`
+   */
+  private readonly _experimentalHttpsServer: boolean
+
   constructor(
     previewProps: __ApiPreviewProps | undefined,
     req: IncomingMessage | BaseNextRequest<unknown> | NextRequest,
     cookies: ReadonlyRequestCookies,
-    mutableCookies: ResponseCookies
+    mutableCookies: ResponseCookies,
+    experimentalHttpsServer: boolean
   ) {
     // The logic for draftMode() is very similar to tryGetPreviewData()
     // but Draft Mode does not have any data associated with it.
@@ -46,6 +52,7 @@ export class DraftModeProvider {
 
     this._previewModeId = previewProps?.previewModeId
     this._mutableCookies = mutableCookies
+    this._experimentalHttpsServer = experimentalHttpsServer
   }
 
   enable() {
@@ -55,26 +62,33 @@ export class DraftModeProvider {
       )
     }
 
+    const secure = Boolean(
+      process.env.NODE_ENV !== 'development' || this._experimentalHttpsServer
+    )
+
     this._mutableCookies.set({
       name: COOKIE_NAME_PRERENDER_BYPASS,
       value: this._previewModeId,
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
     })
   }
 
   disable() {
+    const secure = Boolean(
+      process.env.NODE_ENV !== 'development' || this._experimentalHttpsServer
+    )
     // To delete a cookie, set `expires` to a date in the past:
     // https://tools.ietf.org/html/rfc6265#section-4.1.1
     // `Max-Age: 0` is not valid, thus ignored, and the cookie is persisted.
     this._mutableCookies.set({
       name: COOKIE_NAME_PRERENDER_BYPASS,
       value: '',
       httpOnly: true,
-      sameSite: process.env.NODE_ENV !== 'development' ? 'none' : 'lax',
-      secure: process.env.NODE_ENV !== 'development',
+      sameSite: secure ? 'none' : 'lax',
+      secure,
       path: '/',
       expires: new Date(0),
     })

packages/next/src/server/async-storage/request-async-storage-wrapper.ts

@@ -142,7 +142,8 @@ export const RequestAsyncStorageWrapper: AsyncStorageWrapper<
             previewProps,
             req,
             this.cookies,
-            this.mutableCookies
+            this.mutableCookies,
+            this.experimentalHttpsServer
           )
         }