Implement cookie rewriting for proxy context

[Copilot]

Cookies from proxied sites were not working due to incorrect domain/path attributes and missing cross-origin flags, breaking CAPTCHA verification and authentication flows.

Changes

Server-side rewriting (server/cookie-rewrite.ts, server/index.ts)

• Parse and rewrite Set-Cookie headers in proxy responses via Fastify onSend hook
• Rewrite domain to proxy host, prepend proxy prefix to paths
• Force SameSite=None; Secure for cross-origin iframe compatibility

Client-side interception (src/utils/captcha-handler.ts)

• Intercept document.cookie setter to rewrite cookies before storage
• Apply same domain/path/SameSite transformations on client

Service worker layer (public/sw.js)

• Add cookie rewriting in SW fetch handler before response passthrough
• Handle both Ultraviolet (/~/uv/) and Scramjet (/~/scramjet/) proxies

Shared utilities (src/utils/proxy-utils.ts)

• Extract proxy prefix detection to eliminate duplication across layers

Example

Before: Set-Cookie: token=abc; Domain=.google.com; Path=/; SameSite=Lax

After: Set-Cookie: token=abc; Domain=proxy.example.com; Path=/~/uv/; SameSite=None; Secure

This ensures cookies work for reCAPTCHA, hCaptcha, Cloudflare Turnstile, and authentication on heavy-cookie sites (Google, Amazon, Facebook).

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• telemetry.astro.build
  • Triggering command: /usr/local/bin/node node /home/REDACTED/work/Radius/Radius/node_modules/.bin/astro build (dns block)
  • Triggering command: /usr/local/bin/node node /home/REDACTED/work/Radius/Radius/node_modules/.bin/astro build conntrack --ctstate INVALID,NEW -j DROP (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

the current system has issues because cookies aren't being properly rewritten for the proxy context. Let me help you implement a comprehensive cookie rewrite system.Problem AnalysisCurrent Issues:

Cookies from target sites have wrong domains (e.g., domain=.google.com instead of your proxy domain)
SameSite attributes aren't set correctly for cross-origin contexts
Cookie paths aren't rewritten for the proxy prefix
CAPTCHA domains need special handling Solution: Implement Cookie Rewrite Middleware, 2. Integrate Cookie Rewriting into Fastify Server, 3. Enhanced Client-Side Cookie Handler, 4. Update Service Worker Configuration ( or basicaly add rewrite to cookies to alow captas and other sites to work)

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

• Start Development Server
• Start Production Server