add NODE_TLS_REJECT_UNAUTHORIZED (#4829)

1 files changed, 24 insertions, 0 deletions

diff --git a/test/js/web/fetch/fetch.tls.test.ts b/test/js/web/fetch/fetch.tls.test.ts
index 184cbad8b..d8a844ed7 100644
--- a/test/js/web/fetch/fetch.tls.test.ts
+++ b/test/js/web/fetch/fetch.tls.test.ts
@@ -1,5 +1,7 @@
 import { it, expect } from "bun:test";
 import tls from "tls";
+import { join } from "node:path";
+import { bunEnv, bunExe } from "harness";
 
 type TLSOptions = {
   cert: string;
@@ -130,6 +132,28 @@ it("fetch with invalid tls + rejectUnauthorized: false should not throw", async
   });
 });
 
+it("fetch should respect rejectUnauthorized env", async () => {
+  await createServer(CERT_EXPIRED, async port => {
+    const url = `https://localhost:${port}`;
+
+    for (let i = 0; i < 2; i++) {
+      const proc = Bun.spawn({
+        env: {
+          ...bunEnv,
+          SERVER: url,
+          NODE_TLS_REJECT_UNAUTHORIZED: i.toString(),
+        },
+        stderr: "inherit",
+        stdout: "inherit",
+        cmd: [bunExe(), join(import.meta.dir, "fetch-reject-authorized-env-fixture.js")],
+      });
+
+      const exitCode = await proc.exited;
+      expect(exitCode).toBe(i);
+    }
+  });
+});
+
 it("can handle multiple requests with non native checkServerIdentity", async () => {
   await createServer(CERT_LOCALHOST_IP, async port => {
     async function request() {