nicumicle/simple-jwt-login

bug: 502 Bad Gateway while working with woocommerce REST API

ggchar opened this issue · 1 comment

ggchar commented

Bug Report

Plugin Version

3.5.0

PHP Version

8.0.29

WordPress Version

6.3

WooCommerce Version

8.0.1

Bug description

I get a 502 Bad Gateway when I make a GET request like the one below:
image
image

However, I can obtain the correct response when I use the IP address instead of the domain, like:
image

I noticed that a cookie was set using the second method, but not with the first method. As a result, I decided to comment out the 'wp_set_auth_cookie' function within the 'loginUser' function in the file 'plugins\simple-jwt-login\src\Modules\WordPressData.php'. This adjustment allowed me to obtain the correct response. Now I'm considering whether it's possible to include an option to disable the use of 'wp_set_auth_cookie' when it's not required. In my project, I consistently include the Authorization in the request header, and I believe that the cookie is unnecessary.

Additional Context (optional)

I believe the issue is caused by the web server configuration. I'm using WordPress within a Docker container and proxying the site through Nginx. Specifically, I'm using HTTPS in the Nginx proxy host while using HTTP within the WordPress container. What I'm wondering is why I can access the website and set cookies correctly via normal browsing in a browser, but I'm unable to set cookies correctly via the REST API?

Finally, I would like to express my gratitude for the author's dedication.

Hi @Charlie-ccc,

I need to investigate this issue.

I had a look over the wp_set_auth_cookie. In the plugin code, we are not setting the $secure parameter.

$secure bool|string Optional
Whether the auth cookie should only be sent over HTTPS. Default is an empty string which means the value of is_ssl() will be used.

I also believe that this comes from the server configuration.

Can you please try the following hook on your setup, https://developer.wordpress.org/reference/hooks/secure_logged_in_cookie/, and let me know if there are any improvements?
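
A sketch of how the `secure_logged_in_cookie` hook mentioned above could be used when TLS ends at the Nginx proxy and the container only sees HTTP. This is an added example, not code from the thread or from the plugin, and it is not confirmed here to resolve the 502. The function name, the `X-Forwarded-Proto` header being set by the proxy, and the proxy address are assumptions.

```php
<?php
/**
 * Added example (not plugin code): decide the Secure flag of the logged-in
 * cookie from the proxy's forwarded scheme instead of is_ssl() alone.
 * Assumptions: the proxy sets X-Forwarded-Proto, and TRUSTED_PROXIES holds
 * the proxy's address on the container network (constructed sample value).
 */
const TRUSTED_PROXIES = ['172.18.0.2']; // constructed value, replace with your proxy

/** True when the client-facing connection was HTTPS (hypothetical helper). */
function example_request_was_https(array $server, array $trusted = TRUSTED_PROXIES): bool
{
    // TLS terminated by PHP's own web server: the HTTPS variable is_ssl() also checks.
    $https = strtolower((string) ($server['HTTPS'] ?? ''));
    if ($https === 'on' || $https === '1') {
        return true;
    }
    // Honour the forwarded header only from the known proxy; any client can send it.
    $peer = (string) ($server['REMOTE_ADDR'] ?? '');
    if (!in_array($peer, $trusted, true)) {
        return false;
    }
    $proto = strtolower(trim((string) ($server['HTTP_X_FORWARDED_PROTO'] ?? '')));
    return $proto === 'https';
}

if (function_exists('add_filter')) {
    // Inside WordPress: wp_set_auth_cookie() passes the flag through this filter.
    add_filter('secure_logged_in_cookie', function ($secure) {
        return $secure || example_request_was_https($_SERVER);
    });
} else {
    // Stand-alone run with constructed request data: php this-file.php
    $viaProxy = ['REMOTE_ADDR' => '172.18.0.2', 'HTTP_X_FORWARDED_PROTO' => 'https'];
    $forged   = ['REMOTE_ADDR' => '203.0.113.9', 'HTTP_X_FORWARDED_PROTO' => 'https'];
    var_dump(example_request_was_https($viaProxy)); // header from the trusted proxy
    var_dump(example_request_was_https($forged));   // same header from an unknown peer
}
```

Only `secure_logged_in_cookie` is filtered here because WordPress reads the logged-in cookie under the same name whether or not it is marked Secure, while the auth cookie name depends on `is_ssl()`.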