fix(cookies): set options when deleting cookies (#890)

* fix(cookies): set options when deleting cookies

* fix(cookies): array destructuring to assign 'options' as 'args[0]'

* feat(cookies): add test for deleting cookie with Secure, HttpOnly, and SameSite=none

* Create sharp-games-carry.md

---------

Co-authored-by: Kiko Beats <[email protected]>

Author: nonoakij

.changeset/sharp-games-carry.md

@@ -0,0 +1,5 @@
+---
+"@edge-runtime/cookies": patch
+---
+
+fix(cookies): set options when deleting cookies

packages/cookies/src/response-cookies.ts

@@ -87,11 +87,9 @@ export class ResponseCookies {
       | [key: string]
       | [options: Omit<ResponseCookie, 'value' | 'expires'>]
   ): this {
-    const [name, path, domain] =
-      typeof args[0] === 'string'
-        ? [args[0]]
-        : [args[0].name, args[0].path, args[0].domain]
-    return this.set({ name, path, domain, value: '', expires: new Date(0) })
+    const [name, options] =
+      typeof args[0] === 'string' ? [args[0]] : [args[0].name, args[0]]
+    return this.set({ ...options, name, value: '', expires: new Date(0) })
   }
 
   [Symbol.for('edge-runtime.inspect.custom')]() {

packages/cookies/test/response-cookies.test.ts

@@ -209,6 +209,22 @@ test('delete cookie with domain and path', async () => {
   ])
 })
 
+test('delete cookie with Secure, HttpOnly, and SameSite=none', () => {
+  const headers = new Headers()
+  const cookies = new ResponseCookies(headers)
+
+  cookies.delete({
+    name: '__Secure-foo',
+    secure: true,
+    httpOnly: true,
+    sameSite: 'none',
+  })
+
+  expect(headers.getSetCookie()).toEqual([
+    '__Secure-foo=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure; HttpOnly; SameSite=none',
+  ])
+})
+
 test('options are not modified', async () => {
   const options = { maxAge: 10000 }
   const headers = new Headers({ 'content-type': 'application/json' })