Release 0.8 #116

Merged
merged 13 commits into from
Oct 12, 2019
5 changes: 3 additions & 2 deletions .travis.yml
@@ -14,6 +14,7 @@ node_js:
- "9.11"
- "10.16"
- "11.15"
- "12.11"
sudo: false
cache:
directories:
@@ -68,8 +69,8 @@ before_install:
fi
- |
# restify framework
# - remove on Node.js < 0.10
if [[ "$(cut -d. -f1 <<< "$TRAVIS_NODE_VERSION")" -eq 0 && "$(cut -d. -f2 <<< "$TRAVIS_NODE_VERSION")" -lt 10 ]]; then
# - remove on Node.js < 8
if [[ "$(cut -d. -f1 <<< "$TRAVIS_NODE_VERSION")" -lt 8 ]]; then
npm rm --silent --save-dev restify
fi
- |
12 changes: 12 additions & 0 deletions HISTORY.md
@@ -1,3 +1,15 @@
unreleased
==========

* Fix check for default `secure` option behavior
* Fix `maxAge` option preventing cookie deletion
* Support `"none"` in `sameSite` option
* deps: depd@~2.0.0
- Replace internal `eval` usage with `Function` constructor
- Use instance methods on `process` to check for listeners
* deps: keygrip@~1.1.0
- Use `tsscmp` module for timing-safe signature verification

0.7.3 / 2018-11-04
==================

16 changes: 10 additions & 6 deletions index.js
@@ -26,7 +26,7 @@ var fieldContentRegExp = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;
* RegExp to match Same-Site cookie attribute value.
*/

var sameSiteRegExp = /^(?:lax|strict)$/i
var SAME_SITE_REGEXP = /^(?:lax|none|strict)$/i

function Cookies(request, response, options) {
if (!(this instanceof Cookies)) return new Cookies(request, response, options)
@@ -94,8 +94,9 @@ Cookies.prototype.set = function(name, value, opts) {
throw new Error('Cannot send secure cookie over unencrypted connection')
}

cookie.secure = secure
if (opts && "secure" in opts) cookie.secure = opts.secure
cookie.secure = opts && opts.secure !== undefined
? opts.secure
: secure

if (opts && "secureProxy" in opts) {
deprecate('"secureProxy" option; use "secure" option, provide "secure" to constructor if needed')
@@ -125,15 +126,18 @@ function Cookie(name, value, attrs) {
throw new TypeError('argument value is invalid');
}

value || (this.expires = new Date(0))

this.name = name
this.value = value || ""

for (var name in attrs) {
this[name] = attrs[name]
}

if (!this.value) {
this.expires = new Date(0)
this.maxAge = null
}

if (this.path && !fieldContentRegExp.test(this.path)) {
throw new TypeError('option path is invalid');
}
@@ -142,7 +146,7 @@ function Cookie(name, value, attrs) {
throw new TypeError('option domain is invalid');
}

if (this.sameSite && this.sameSite !== true && !sameSiteRegExp.test(this.sameSite)) {
if (this.sameSite && this.sameSite !== true && !SAME_SITE_REGEXP.test(this.sameSite)) {
throw new TypeError('option sameSite is invalid')
}
}
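Review bot: `SAME_SITE_REGEXP` now admits `none`, and the `sameSite` check at the end of `Cookie` validates only the string, so the cookie can be serialized as `samesite=none` with no `secure` attribute (the new test in test/cookie.js expects exactly `foo=bar; path=/; samesite=none; httponly`). `none` switches off the cross-site restriction that `lax` and `strict` provide, and browsers adopting the stricter SameSite rules are expected to drop a `None` cookie that lacks `Secure`. Because `cookie.secure` is only settled in `Cookies.prototype.set`, presumably after the constructor has run, a throw inside `Cookie` would be premature; I would state the requirement in the comment above the regex, e.g. `* "none" permits cross-site sending; pair it with the secure option.` Both `Cookie` and `Cookies.prototype.set` begin and end outside the hunks shown.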
12 changes: 6 additions & 6 deletions package.json
@@ -9,15 +9,15 @@
"license": "MIT",
"repository": "pillarjs/cookies",
"dependencies": {
"depd": "~1.1.2",
"keygrip": "~1.0.3"
"depd": "~2.0.0",
"keygrip": "~1.1.0"
},
"devDependencies": {
"eslint": "4.19.1",
"express": "4.16.4",
"mocha": "6.1.4",
"nyc": "14.0.0",
"restify": "6.4.0",
"express": "4.17.1",
"mocha": "6.2.1",
"nyc": "14.1.1",
"restify": "8.4.0",
"supertest": "4.0.2"
},
"files": [
7 changes: 7 additions & 0 deletions test/cookie.js
@@ -95,6 +95,13 @@ describe('new Cookie(name, value, [options])', function () {
})
})

describe('when set to "none"', function () {
it('should set "samesite=none" attribute in header', function () {
var cookie = new cookies.Cookie('foo', 'bar', { sameSite: 'none' })
assert.equal(cookie.toHeader(), 'foo=bar; path=/; samesite=none; httponly')
})
})

describe('when set to "strict"', function () {
it('should set "samesite=strict" attribute in header', function () {
var cookie = new cookies.Cookie('foo', 'bar', { sameSite: 'strict' })
49 changes: 49 additions & 0 deletions test/test.js
@@ -278,6 +278,16 @@ describe('new Cookies(req, res, [options])', function () {
.expect(shouldSetCookieWithoutAttribute('foo', 'maxAge'))
.end(done)
})

it('should not affect cookie deletion', function (done) {
request(createServer(setCookieHandler('foo', null, { maxAge: 86400000 })))
.get('/')
.expect(200)
.expect(shouldSetCookieCount(1))
.expect(shouldSetCookieToValue('foo', ''))
.expect(shouldSetCookieWithAttributeAndValue('foo', 'expires', 'Thu, 01 Jan 1970 00:00:00 GMT'))
.end(done)
})
})

describe('"overwrite" option', function () {
@@ -401,6 +411,45 @@ describe('new Cookies(req, res, [options])', function () {
})
})
})

describe('when undefined', function () {
it('should set secure attribute on encrypted connection', function (done) {
var server = createSecureServer(setCookieHandler('foo', 'bar', { secure: undefined }))

request(server)
.get('/')
.ca(server.cert)
.expect(200)
.expect(shouldSetCookieWithAttribute('foo', 'Secure'))
.end(done)
})

describe('with "secure: undefined" constructor option', function () {
it('should not set secure attribute on unencrypted connection', function (done) {
var opts = { secure: undefined }

request(createServer(opts, setCookieHandler('foo', 'bar', { secure: undefined })))
.get('/')
.expect(200)
.expect(shouldSetCookieWithoutAttribute('foo', 'Secure'))
.end(done)
})
})

describe('with req.protocol === "https"', function () {
it('should set secure attribute on unencrypted connection', function (done) {
request(createServer(function (req, res, cookies) {
req.protocol = 'https'
cookies.set('foo', 'bar', { secure: undefined })
res.end()
}))
.get('/')
.expect(200)
.expect(shouldSetCookieWithAttribute('foo', 'Secure'))
.end(done)
})
})
})
})

describe('"secureProxy" option', function () {
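Review bot: The new `when undefined` cases leave `secure: null` uncovered, and with the `opts.secure !== undefined` test in index.js a `null` still overrides the connection-derived default, so a cookie set over an encrypted connection would presumably go out without `Secure`. If `null` is meant to behave like an omitted option, the check would need to be `opts.secure != null`; either way a case such as `setCookieHandler('foo', 'bar', { secure: null })` on `createSecureServer`, asserting the intended outcome, would pin the behaviour. The enclosing `describe` blocks start outside the hunk.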