Support for sameSite === 'Unset' #100
Comments
AKushWarrior
changed the title
|
I'm not sure you are posting on the right repo. This module allow you to send either none or simply not set, neither throws a TypeError. If you can provide the exact steps to reproduce the error, the version of this module you are using, and the exact error message, I can always reopen to investigate. |
|
Essentially, if you parse a cookie from a site (slader.com, as I mentioned above) and try to send a modified version, the serialize function fails. It does so because of this switch statement. I'm proposing adding 'Unset' as a case in the switch statement, so that trying to send the same cookie doesn't fail. |
|
I'm not sure I understand what you mean by "if you parse a cookie from a site", can you elaborate? This module only parses the |
|
Sorry, let me clear some things up. I'm using the serialize function to serialize a set-cookie header. This header is read from a crawled site and has to be re-serialized with certain changed attributes. I'm not modifying the 'same-site' field, so I didn't expect this package to error when I attempted to re-serialize the header. Using 'parse' was a total mental error by me. I've been mixing and matching on npm for a while now, and I got my terminology mixed up. |
|
So this module will error on by design if the value you pass to |
|
https://tools.ietf.org/id/draft-ietf-httpbis-rfc6265bis-03.html#the-samesite-attribute Take a look at the last sentence of this. Values that are not listed should be treated as 'None', not an error, so as to maintain support for broken websites. |
|
That wording is in regards to parsing the attribute in the |
|
Okay, I see now. This PR and issue should be for my parsing library :/ Have a good day! |
Various sites (ex. https://slader.com) don't set the sameSite cookie attribute, and instead leave it as 'Unset'. This currently tosses a TypeError, whereas behavior should be the same as 'none'.
The text was updated successfully, but these errors were encountered: