From 6b5e5be4f09b692b2867b390a300de8a1e142cbb Mon Sep 17 00:00:00 2001 From: fengmk2 Date: Wed, 3 Jan 2024 18:55:09 +0800 Subject: [PATCH] fix: use _CHIPS- prefix instead of __Host- (#48) https://www.ietf.org/archive/id/draft-west-cookie-prefixes-05.txt --- README.zh-CN.md | 2 +- index.d.ts | 2 +- lib/cookies.js | 6 +++--- test/lib/cookies.test.js | 38 +++++++++++++++++++------------------- 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/README.zh-CN.md b/README.zh-CN.md index 05ed963..324d5db 100644 --- a/README.zh-CN.md +++ b/README.zh-CN.md @@ -33,7 +33,7 @@ ctx.cookies.set('key', 'value', options); 全局默认配置: - autoChips - `Boolean` 是否开启 [CHIPS](https://developers.google.com/privacy-sandbox/3pcd/chips#security_design) 的自动适配方案, -会自动给 Cookie 新增一个 `__Host` 为前缀的分区 Cookie,优先读取非分区 Cookie,读取失败则尝试读取 `__Host` 前缀的同名 Cookie 适配三方 Cookie 禁止逻辑。 +会自动给 Cookie 新增一个 `_CHIPS-` 为前缀的分区 Cookie,优先读取非分区 Cookie,读取失败则尝试读取 `_CHIPS-` 前缀的同名 Cookie 适配三方 Cookie 禁止逻辑。 一旦配置 `autoChips=true`,那么会强制忽略 `partitioned`、`removeUnpartitioned` 参数。 ## 设置 cookie diff --git a/index.d.ts b/index.d.ts index 68dc32a..7157209 100644 --- a/index.d.ts +++ b/index.d.ts @@ -7,7 +7,7 @@ declare namespace EggCookies { interface DefaultCookieOptions { /** - * Auto get and set `__Host` prefix cookie to adaptation CHIPS mode (The default value is false). + * Auto get and set `_CHIPS-` prefix cookie to adaptation CHIPS mode (The default value is false). */ autoChips?: boolean; } diff --git a/lib/cookies.js b/lib/cookies.js index 0ec8c1b..11cd08d 100644 --- a/lib/cookies.js +++ b/lib/cookies.js @@ -57,7 +57,7 @@ class Cookies { opts = opts || {}; let value = this._get(name, opts); if (value === undefined && this._autoChips) { - // try to read __Host-${name} prefix cookie + // try to read _CHIPS-${name} prefix cookie value = this._get(this._formatChipsCookieName(name), opts); } return value; @@ -170,7 +170,7 @@ class Cookies { headers = pushCookie(headers, removeUnpartitionedCookie); } } else if (autoChips) { - // add __Host-${name} prefix cookie + // add _CHIPS-${name} prefix cookie const newCookieName = this._formatChipsCookieName(name); const newCookieOpts = Object.assign({}, opts, { partitioned: true, @@ -206,7 +206,7 @@ class Cookies { } _formatChipsCookieName(name) { - return `__Host-${name}`; + return `_CHIPS-${name}`; } _parseChromiumAndMajorVersion(userAgent) { diff --git a/test/lib/cookies.test.js b/test/lib/cookies.test.js index 00d715a..8cc870b 100644 --- a/test/lib/cookies.test.js +++ b/test/lib/cookies.test.js @@ -723,8 +723,8 @@ describe('test/lib/cookies.test.js', () => { assert(opts.secure === undefined); let setCookies = cookies.ctx.response.headers['set-cookie']; assert.equal(setCookies.length, 4); - assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); - assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly'); assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly'); @@ -739,8 +739,8 @@ describe('test/lib/cookies.test.js', () => { assert(opts.signed === 1); assert(opts.secure === undefined); setCookies = cookies.ctx.response.headers['set-cookie']; - assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); - assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly'); assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly'); @@ -756,8 +756,8 @@ describe('test/lib/cookies.test.js', () => { assert(opts.signed === 1); assert(opts.secure === undefined); setCookies = cookies.ctx.response.headers['set-cookie']; - assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); - assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly'); assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly'); @@ -776,8 +776,8 @@ describe('test/lib/cookies.test.js', () => { assert(opts.signed === 1); assert(opts.secure === undefined); setCookies = cookies.ctx.response.headers['set-cookie']; - assert.equal(setCookies[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); - assert.equal(setCookies[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(setCookies[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(setCookies[2], 'foo=hello; path=/; samesite=none; secure; httponly'); assert.equal(setCookies[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly'); @@ -785,15 +785,15 @@ describe('test/lib/cookies.test.js', () => { cookies = Cookies({ secure: true, headers: { - cookie: '__Host-foo=hello; __Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; foo=hello; foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI', + cookie: '_CHIPS-foo=hello; _CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; foo=hello; foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI', }, }, { secure: true }, { autoChips: true }); assert.equal(cookies.get('foo'), 'hello'); - assert.equal(cookies.get('__Host-foo'), 'hello'); + assert.equal(cookies.get('_CHIPS-foo'), 'hello'); cookies = Cookies({ secure: true, headers: { - cookie: '__Host-foo=hello; __Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480', + cookie: '_CHIPS-foo=hello; _CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk', }, }, { secure: true }, { autoChips: true }); assert.equal(cookies.get('foo', { signed: true }), 'hello'); @@ -803,7 +803,7 @@ describe('test/lib/cookies.test.js', () => { cookies = Cookies({ secure: true, headers: { - cookie: '__Host-foo=hello; __Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480-invalid', + cookie: '_CHIPS-foo=hello; _CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk-invalid', }, }, { secure: true }, { autoChips: true }); assert.equal(cookies.get('foo', { signed: true }), undefined); @@ -812,7 +812,7 @@ describe('test/lib/cookies.test.js', () => { cookies = Cookies({ secure: true, headers: { - cookie: '__Host-foo=hello', + cookie: '_CHIPS-foo=hello', }, }, { secure: true }, { autoChips: true }); assert.equal(cookies.get('foo', { signed: true }), undefined); @@ -821,7 +821,7 @@ describe('test/lib/cookies.test.js', () => { cookies = Cookies({ secure: true, headers: { - cookie: '__Host-foo=hello; foo=', + cookie: '_CHIPS-foo=hello; foo=', }, }, { secure: true }, { autoChips: true }); assert.equal(cookies.get('foo', { signed: true }), undefined); @@ -866,8 +866,8 @@ describe('test/lib/cookies.test.js', () => { const headers = cookies.ctx.response.headers['set-cookie']; // console.log(headers); assert.equal(headers.length, 4); - assert.equal(headers[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); - assert.equal(headers[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(headers[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(headers[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(headers[2], 'foo=hello; path=/; samesite=none; secure; httponly'); assert.equal(headers[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly'); }); @@ -890,7 +890,7 @@ describe('test/lib/cookies.test.js', () => { const headers = cookies.ctx.response.headers['set-cookie']; // console.log(headers); assert.equal(headers.length, 2); - assert.equal(headers[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(headers[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(headers[1], 'foo=hello; path=/; samesite=none; secure; httponly'); }); @@ -911,8 +911,8 @@ describe('test/lib/cookies.test.js', () => { assert(opts.secure === undefined); const headers = cookies.ctx.response.headers['set-cookie']; assert.equal(headers.length, 4); - assert.equal(headers[0], '__Host-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); - assert.equal(headers[1], '__Host-foo.sig=l0yCZaMfgLfAX4tuQ6mI4Hh3RBoeeWHrVHqNLlYx480; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(headers[0], '_CHIPS-foo=hello; path=/; samesite=none; secure; httponly; partitioned'); + assert.equal(headers[1], '_CHIPS-foo.sig=G4Idm9Wdp_vfCnUbOpQG284o22SgTe88SUmG6QW1ylk; path=/; samesite=none; secure; httponly; partitioned'); assert.equal(headers[2], 'foo=hello; path=/; samesite=none; secure; httponly'); assert.equal(headers[3], 'foo.sig=ZWbaA4bWk8ByBuYVgfmJ2DMvhhS3sOctMbfXAQ2vnwI; path=/; samesite=none; secure; httponly'); });