Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Fix signed cookie prefix #1286

Merged
merged 1 commit into from

4 participants

@tnydwrds

Updated res.cookie to prefix signed cookies with 's:' so that req.signedCookies would populate properly.

@tnydwrds tnydwrds Fix signed cookie prefix
Update res.cookie to prefix signed cookies with 's:'
0217e6c
@travisbot

This pull request passes (merged 0217e6c into 6bebe08).

@tj tj merged commit 32a5c9c into strongloop:master
@tj
tj commented

thanks! I totally missed that

@xmen4u

I've updated express (both for the local project and globaly),
I'm still having the prefix bug: my code https://gist.github.com/3397357

express v: 3.0.0rc3
node 0.8.7

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Aug 14, 2012
  1. @tnydwrds

    Fix signed cookie prefix

    tnydwrds authored
    Update res.cookie to prefix signed cookies with 's:'
This page is out of date. Refresh to see the latest.
View
2  lib/response.js
@@ -538,7 +538,7 @@ res.cookie = function(name, val, options){
var signed = options.signed;
if (signed && !secret) throw new Error('connect.cookieParser("secret") required for signed cookies');
if ('object' == typeof val) val = 'j:' + JSON.stringify(val);
- if (signed) val = utils.sign(val, secret);
+ if (signed) val = 's:' + utils.sign(val, secret);
if ('maxAge' in options) options.expires = new Date(Date.now() + options.maxAge);
if (null == options.path) options.path = '/';
this.set('Set-Cookie', cookie.serialize(name, String(val), options));
View
52 test/req.signedCookies.js
@@ -0,0 +1,52 @@
+
+var express = require('../')
+ , request = require('./support/http');
+
+describe('req', function(){
+ describe('.signedCookies', function(){
+ it('should return a signed JSON cookie', function(done){
+ var app = express()
+ , cookieHeader
+ , val;
+
+ app.use(express.cookieParser('secret'));
+
+ app.use(function(req, res){
+ res.send(req.signedCookies);
+ });
+
+ app.response.req = { secret: 'secret' };
+ app.response.cookie('obj', { foo: 'bar' }, { signed: true });
+ cookieHeader = app.response.get('set-cookie');
+
+ val = JSON.stringify({ obj: { foo: 'bar' } });
+ request(app)
+ .get('/')
+ .set('Cookie', cookieHeader)
+ .expect(val, done);
+ })
+
+ it('should return a signed cookie', function(done){
+ var app = express()
+ , cookieHeader
+ , val;
+
+ app.use(express.cookieParser('secret'));
+
+ app.use(function(req, res){
+ res.send(req.signedCookies);
+ });
+
+ app.response.req = { secret: 'secret' };
+ app.response.cookie('foo', 'bar', { signed: true });
+ cookieHeader = app.response.get('set-cookie');
+
+ val = JSON.stringify({ foo: 'bar' });
+ request(app)
+ .get('/')
+ .set('Cookie', cookieHeader)
+ .expect(val, done);
+ })
+ })
+})
+
View
4 test/res.cookie.js
@@ -109,7 +109,7 @@ describe('res', function(){
.end(function(err, res){
var val = res.headers['set-cookie'][0];
val = cookie.parse(val.split('.')[0]);
- val.user.should.equal('j:{"name":"tobi"}');
+ val.user.should.equal('s:j:{"name":"tobi"}');
done();
})
})
@@ -128,7 +128,7 @@ describe('res', function(){
request(app)
.get('/')
.end(function(err, res){
- var val = ['name=tobi.xJjV2iZ6EI7C8E5kzwbfA9PVLl1ZR07UTnuTgQQ4EnQ; Path=/'];
+ var val = ['name=s%3Atobi.xJjV2iZ6EI7C8E5kzwbfA9PVLl1ZR07UTnuTgQQ4EnQ; Path=/'];
res.headers['set-cookie'].should.eql(val);
done();
})
Something went wrong with that request. Please try again.