Add SameSite attribute support (#269)
* Add SameSite attribute support

* Add test

* add browser test

* add docs
Exelord authored and marcoow committed Oct 28, 2019
1 parent 6c00629 commit e5e8e66
Showing 3 changed files with 24 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -52,8 +52,8 @@ The `cookies` service has methods for reading and writing cookies:
URL-decoding the value).
* `write(name, value, options = {})`: writes a cookie with the given name and
value; options can be used to set `domain`, `expires` (Date), `maxAge` (time
in seconds), `path`, `secure`, and `raw` (boolean, disables URL-encoding the
value).
in seconds), `path`, `secure`, `raw` (boolean, disables URL-encoding the
value) and `sameSite` (can be either `'strict'` or `'lax'`).
* `clear(name, options = {})`: clears the cookie so that future reads do not
return a value; options can be used to specify `domain`, `path` or `secure`.
* `exists(name)`: checks whether a cookie exists at all (even with a falsy
3 changes: 3 additions & 0 deletions addon/utils/serialize-cookie.js
Expand Up @@ -21,6 +21,9 @@ export const serializeCookie = (name, value, options = {}) => {
if (!isEmpty(options.path)) {
cookie = `${cookie}; path=${options.path}`;
}
if (!isEmpty(options.sameSite)) {
cookie = `${cookie}; SameSite=${options.sameSite}`;
}

return cookie;
};
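Review bot: `options.sameSite` is interpolated into the cookie string unchecked at the new `SameSite=${options.sameSite}` line, so any string a caller passes — including one containing `;` — ends up in `document.cookie` or the `set-cookie` header and can carry attributes the caller never intended. The README change in this commit documents only `'strict'` and `'lax'`, so the serializer should enforce that list, case-insensitively since the tests pass `'Strict'`: `if (!['strict', 'lax'].includes(String(options.sameSite).toLowerCase())) { throw new Error('sameSite must be "strict" or "lax"'); }`, placed inside the new `if` before the assignment. The `path` branch just above uses the same unchecked interpolation, though it is not part of this change. `serializeCookie` begins outside the hunk, so whether the earlier options are validated cannot be seen here.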
19 changes: 19 additions & 0 deletions tests/unit/services/cookies-test.js
Expand Up @@ -328,6 +328,16 @@ describe('CookiesService', function() {
this.subject().write(COOKIE_NAME, 'test', { httpOnly: true });
}).to.throw();
});

it('sets the sameSite flag', function() {
defineProperty(this.fakeDocument, 'cookie', {
set(value) {
expect(value).to.include('; SameSite=Strict');
}
});

this.subject().write(COOKIE_NAME, 'test', { sameSite: 'Strict' });
});
});

describe('clearing a cookie', function() {
Expand Down Expand Up @@ -723,6 +733,15 @@ describe('CookiesService', function() {
this.subject().write(COOKIE_NAME, 'test', { httpOnly: true });
}).to.not.throw();
});

it('sets the sameSite flag', function() {
this.fakeFastBoot.response.headers.append = function(headerName, headerValue) {
expect(headerName).to.equal('set-cookie');
expect(headerValue).to.equal(`${COOKIE_NAME}=test; SameSite=Strict`);
};

this.subject().write(COOKIE_NAME, 'test', { sameSite: 'Strict' });
});
});

describe('clearing a cookie', function() {
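Review bot: Both new `sets the sameSite flag` tests place their only expectations inside a callback — the `cookie` setter in the browser case and `response.headers.append` in the FastBoot case — so if `write` never reaches that callback the test passes without asserting anything. Record the call and assert after `write` returns, e.g. `let written;` with `set(value) { written = value; }` and then `expect(written).to.include('; SameSite=Strict');`. A case for a value outside the documented `'strict'`/`'lax'` set would also pin down what the service is meant to do with unexpected input; none is added here. The surrounding `describe` blocks start and end outside these hunks, so the existing tests may follow the same pattern.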
