fix: use _CHIPS- prefix instead of __Host- (#48)

https://www.ietf.org/archive/id/draft-west-cookie-prefixes-05.txt
eggjs · Jan 3, 2024 · 6b5e5be · 6b5e5be
1 parent 80a9049
commit 6b5e5be
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 24 deletions.
diff --git a/README.zh-CN.md b/README.zh-CN.md
@@ -33,7 +33,7 @@ ctx.cookies.set('key', 'value', options);
 全局默认配置：
 
 - autoChips - `Boolean` 是否开启 [CHIPS](https://developers.google.com/privacy-sandbox/3pcd/chips#security_design) 的自动适配方案，
-会自动给 Cookie 新增一个 `__Host` 为前缀的分区 Cookie，优先读取非分区 Cookie，读取失败则尝试读取 `__Host` 前缀的同名 Cookie 适配三方 Cookie 禁止逻辑。
+会自动给 Cookie 新增一个 `_CHIPS-` 为前缀的分区 Cookie，优先读取非分区 Cookie，读取失败则尝试读取 `_CHIPS-` 前缀的同名 Cookie 适配三方 Cookie 禁止逻辑。
 一旦配置 `autoChips=true`，那么会强制忽略 `partitioned`、`removeUnpartitioned` 参数。
 
 ## 设置 cookie

diff --git a/index.d.ts b/index.d.ts
@@ -7,7 +7,7 @@
 declare namespace EggCookies {
   interface DefaultCookieOptions {
     /**
-     * Auto get and set `__Host` prefix cookie to adaptation CHIPS mode (The default value is false).
+     * Auto get and set `_CHIPS-` prefix cookie to adaptation CHIPS mode (The default value is false).
      */
     autoChips?: boolean;
   }

diff --git a/lib/cookies.js b/lib/cookies.js
@@ -57,7 +57,7 @@ class Cookies {
     opts = opts || {};
     let value = this._get(name, opts);
     if (value === undefined && this._autoChips) {
-      // try to read __Host-${name} prefix cookie
+      // try to read _CHIPS-${name} prefix cookie
       value = this._get(this._formatChipsCookieName(name), opts);
     }
     return value;
@@ -170,7 +170,7 @@ class Cookies {
         headers = pushCookie(headers, removeUnpartitionedCookie);
       }
     } else if (autoChips) {
-      // add __Host-${name} prefix cookie
+      // add _CHIPS-${name} prefix cookie
       const newCookieName = this._formatChipsCookieName(name);
       const newCookieOpts = Object.assign({}, opts, {
         partitioned: true,
@@ -206,7 +206,7 @@ class Cookies {
   }
 
   _formatChipsCookieName(name) {
-    return `__Host-${name}`;
+    return `_CHIPS-${name}`;
   }
 
   _parseChromiumAndMajorVersion(userAgent) {

diff --git a/test/lib/cookies.test.js b/test/lib/cookies.test.js
@@ -723,8 +723,8 @@ describe('test/lib/cookies.test.js', () => {
       assert(opts.secure === undefined);
       let setCookies = cookies.ctx.response.headers['set-cookie'];
       assert.equal(setCookies.length, 4);
-      assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
-      assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly');
       assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly');
 
@@ -739,8 +739,8 @@ describe('test/lib/cookies.test.js', () => {
       assert(opts.signed === 1);
       assert(opts.secure === undefined);
       setCookies = cookies.ctx.response.headers['set-cookie'];
-      assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
-      assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly');
       assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly');
 
@@ -756,8 +756,8 @@ describe('test/lib/cookies.test.js', () => {
       assert(opts.signed === 1);
       assert(opts.secure === undefined);
       setCookies = cookies.ctx.response.headers['set-cookie'];
-      assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
-      assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly');
       assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly');
 
@@ -776,24 +776,24 @@ describe('test/lib/cookies.test.js', () => {
       assert(opts.signed === 1);
       assert(opts.secure === undefined);
       setCookies = cookies.ctx.response.headers['set-cookie'];
-      assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
-      assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly');
       assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly');
 
       // read from cookie
       cookies = Cookies({
         secure: true,
         headers: {
-          cookie: '__Host-foo=hello; __Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; foo=hello; foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI',
+          cookie: '_CHIPS-foo=hello; _CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; foo=hello; foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI',
         },
       }, { secure: true }, { autoChips: true });
       assert.equal(cookies.get('foo'), 'hello');
-      assert.equal(cookies.get('__Host-foo'), 'hello');
+      assert.equal(cookies.get('_CHIPS-foo'), 'hello');
       cookies = Cookies({
         secure: true,
         headers: {
-          cookie: '__Host-foo=hello; __Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480',
+          cookie: '_CHIPS-foo=hello; _CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk',
         },
       }, { secure: true }, { autoChips: true });
       assert.equal(cookies.get('foo', { signed: true }), 'hello');
@@ -803,7 +803,7 @@ describe('test/lib/cookies.test.js', () => {
       cookies = Cookies({
         secure: true,
         headers: {
-          cookie: '__Host-foo=hello; __Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480-invalid',
+          cookie: '_CHIPS-foo=hello; _CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk-invalid',
         },
       }, { secure: true }, { autoChips: true });
       assert.equal(cookies.get('foo', { signed: true }), undefined);
@@ -812,7 +812,7 @@ describe('test/lib/cookies.test.js', () => {
       cookies = Cookies({
         secure: true,
         headers: {
-          cookie: '__Host-foo=hello',
+          cookie: '_CHIPS-foo=hello',
         },
       }, { secure: true }, { autoChips: true });
       assert.equal(cookies.get('foo', { signed: true }), undefined);
@@ -821,7 +821,7 @@ describe('test/lib/cookies.test.js', () => {
       cookies = Cookies({
         secure: true,
         headers: {
-          cookie: '__Host-foo=hello; foo=',
+          cookie: '_CHIPS-foo=hello; foo=',
         },
       }, { secure: true }, { autoChips: true });
       assert.equal(cookies.get('foo', { signed: true }), undefined);
@@ -866,8 +866,8 @@ describe('test/lib/cookies.test.js', () => {
       const headers = cookies.ctx.response.headers['set-cookie'];
       // console.log(headers);
       assert.equal(headers.length, 4);
-      assert.equal(headers[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
-      assert.equal(headers[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(headers[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(headers[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(headers[2], 'foo=hello; path=/; samesite=none; secure; httponly');
       assert.equal(headers[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly');
     });
@@ -890,7 +890,7 @@ describe('test/lib/cookies.test.js', () => {
       const headers = cookies.ctx.response.headers['set-cookie'];
       // console.log(headers);
       assert.equal(headers.length, 2);
-      assert.equal(headers[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(headers[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(headers[1], 'foo=hello; path=/; samesite=none; secure; httponly');
     });
 
@@ -911,8 +911,8 @@ describe('test/lib/cookies.test.js', () => {
       assert(opts.secure === undefined);
       const headers = cookies.ctx.response.headers['set-cookie'];
       assert.equal(headers.length, 4);
-      assert.equal(headers[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
-      assert.equal(headers[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(headers[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned');
+      assert.equal(headers[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned');
       assert.equal(headers[2], 'foo=hello; path=/; samesite=none; secure; httponly');
       assert.equal(headers[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly');
     });