fix: don't modify options (#9)

eggjs · Dec 14, 2017 · d199238 · d199238
1 parent 1037873
commit d199238
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 12 deletions.
diff --git a/appveyor.yml b/appveyor.yml
@@ -11,6 +11,6 @@ install:
 test_script:
   - node --version
   - npm --version
-  - npm run ci
+  - npm run test
 
 build: off
diff --git a/lib/cookies.js b/lib/cookies.js
@@ -48,7 +48,8 @@ class Cookies {
    * @return {String} value - cookie's value
    */
   get(name, opts) {
-    opts = encryptOrSigned(opts);
+    opts = opts || {};
+    const signed = computeSigned(opts);
 
     const header = this.ctx.get('cookie');
     if (!header) return;
@@ -57,10 +58,10 @@ class Cookies {
     if (!match) return;
 
     let value = match[1];
-    if (!opts.encrypt && !opts.signed) return value;
+    if (!opts.encrypt && !signed) return value;
 
     // signed
-    if (opts.signed) {
+    if (signed) {
       const sigName = name + '.sig';
       const sigValue = this.get(sigName, { signed: false });
       if (!sigValue) return;
@@ -86,12 +87,12 @@ class Cookies {
   }
 
   set(name, value, opts) {
-    opts = encryptOrSigned(opts);
+    opts = opts || {};
+    const signed = computeSigned(opts);
     value = value || '';
     if (!this.secure && opts.secure) {
       throw new Error('Cannot send secure cookie over unencrypted connection');
     }
-    if (opts.secure === undefined) opts.secure = this.secure;
 
     let headers = this.ctx.response.get('set-cookie') || [];
     if (!Array.isArray(headers)) headers = [ headers ];
@@ -107,10 +108,14 @@ class Cookies {
     }
 
     const cookie = new Cookie(name, value, opts);
+
+    // if user not set secure, reset secure to ctx.secure
+    if (opts.secure === undefined) cookie.attrs.secure = this.secure;
+
     headers = pushCookie(headers, cookie);
 
     // signed
-    if (opts.signed) {
+    if (signed) {
       cookie.value = value && this.keys.sign(cookie.toString());
       cookie.name += '.sig';
       headers = pushCookie(headers, cookie);
@@ -134,13 +139,11 @@ function getPattern(name) {
   return reg;
 }
 
-function encryptOrSigned(opts) {
-  opts = opts || {};
+function computeSigned(opts) {
   // encrypt default to false, signed default to true.
   // disable singed when encrypt is true.
-  if (opts.encrypt) opts.signed = false;
-  if (opts.signed !== false) opts.signed = true;
-  return opts;
+  if (opts.encrypt) return false;
+  return opts.signed !== false;
 }
 
 function pushCookie(cookies, cookie) {

diff --git a/test/lib/cookies.test.js b/test/lib/cookies.test.js
@@ -203,4 +203,16 @@ describe('test/lib/cookies.test.js', () => {
     });
     cookies.set('foo', value);
   });
+
+  it('should opts do not modify', () => {
+    const cookies = Cookies({ secure: true });
+    const opts = {
+      signed: 1,
+    };
+    cookies.set('foo', 'hello', opts);
+
+    assert(opts.signed === 1);
+    assert(opts.secure === undefined);
+    assert(cookies.ctx.response.headers['set-cookie'].join(';').match(/foo=hello/));
+  });
 });