Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More โ
@americanexpress/fetch-enhancers
Advanced tools
@americanexpress/fetch-enhancers - npm Package Compare versions
Comparing version 1.0.6 to 1.0.7
@@ -0,1 +1,8 @@ | ||
| ## [1.0.7](https://github.com/americanexpress/fetch-enhancers/compare/v1.0.6...v1.0.7) (2021-04-21) | ||
| ### Bug Fixes | ||
| * **createBrowserLikeFetch:** add trustedURLs option ([18483e7](https://github.com/americanexpress/fetch-enhancers/commit/18483e77e84c9a7ea951fc4c935e44cdfbe268b5)) | ||
| ## [1.0.6](https://github.com/americanexpress/fetch-enhancers/compare/v1.0.5...v1.0.6) (2021-04-02) | ||
@@ -2,0 +9,0 @@ |
@@ -293,3 +293,3 @@ import abortController from 'abort-controller'; | ||
| var isTrustedPath = function isTrustedPath(path, trustedRegExp) { | ||
| var isTrustedURL = function isTrustedURL(path, trustedRegExp) { | ||
| return trustedRegExp.some(function (t) { | ||
@@ -333,4 +333,5 @@ return new RegExp(t).test(path); | ||
| setCookie = _ref.setCookie, | ||
| _ref$trustedDomains = _ref.trustedDomains, | ||
| trustedDomains = _ref$trustedDomains === void 0 ? [] : _ref$trustedDomains; | ||
| _ref$trustedURLs = _ref.trustedURLs, | ||
| trustedURLs = _ref$trustedURLs === void 0 ? [] : _ref$trustedURLs, | ||
| trustedDomains = _ref.trustedDomains; | ||
@@ -340,4 +341,15 @@ // do not destructure `cookie`. Express req.cookie requires `this` to equal | ||
| // https://github.com/expressjs/express/blob/master/lib/response.js#L833 | ||
| res.cookie = setCookie || res.cookie; // jar acts as browser's cookie jar for the life of the SSR | ||
| res.cookie = setCookie || res.cookie; // trustedDomains is deprecated for matching URLs instead of just domains | ||
| // remove in the next major/breaking version | ||
| if (trustedDomains) { | ||
| // notify the user of the deprecation | ||
| // eslint-disable-next-line no-console | ||
| console.warn('createBrowserLikeFetch: trustedDomains option is deprecated in favor of trustedURLs, adding entries to trustedURLs'); // avoid mutation of the parameter (ex: `trustedURLs.push(...trustedDomains)`) | ||
| // eslint-disable-next-line no-param-reassign | ||
| trustedURLs = [].concat(_toConsumableArray(trustedURLs), _toConsumableArray(trustedDomains)); | ||
| } // jar acts as browser's cookie jar for the life of the SSR | ||
| var jar = new CookieJar(); | ||
@@ -348,3 +360,3 @@ var dottedHostnamePublicSuffix = hostname && ".".concat(getPublicSuffix(hostname)); // build a list of cookies on creation to ease deduplication on each request | ||
| return function (nextFetch) { | ||
| return function (path) { | ||
| return function (url) { | ||
| var options = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {}; | ||
@@ -355,7 +367,7 @@ | ||
| if (!options.credentials) { | ||
| return nextFetch(path, nextFetchOptions); | ||
| return nextFetch(url, nextFetchOptions); | ||
| } | ||
| if (isTrustedPath(path, trustedDomains)) { | ||
| var cookie = constructCookieHeader.apply(void 0, _toConsumableArray(headerCookies).concat(_toConsumableArray(jar.getCookiesSync(path)), _toConsumableArray(parseCookieHeader(options.headers && options.headers.cookie)))); | ||
| if (isTrustedURL(url, trustedURLs)) { | ||
| var cookie = constructCookieHeader.apply(void 0, _toConsumableArray(headerCookies).concat(_toConsumableArray(jar.getCookiesSync(url)), _toConsumableArray(parseCookieHeader(options.headers && options.headers.cookie)))); | ||
| nextFetchOptions = deepMergeObjects_1(nextFetchOptions, { | ||
@@ -369,6 +381,6 @@ headers: cookie ? _objectSpread2(_objectSpread2({}, headers), {}, { | ||
| if (!hostname) { | ||
| return nextFetch(path, nextFetchOptions); | ||
| return nextFetch(url, nextFetchOptions); | ||
| } | ||
| return nextFetch(path, nextFetchOptions).then(function (fetchedResp) { | ||
| return nextFetch(url, nextFetchOptions).then(function (fetchedResp) { | ||
| var cookieStrings = fetchedResp.headers.raw()['set-cookie'] || []; | ||
@@ -386,6 +398,6 @@ cookieStrings.forEach(function (cookieString) { | ||
| try { | ||
| jar.setCookieSync(cookie, path); | ||
| jar.setCookieSync(cookie, url); | ||
| } catch (error) { | ||
| // eslint-disable-next-line no-console | ||
| console.warn("Warning: failed to set cookie \"".concat(key, "\" from path \"").concat(path, "\" with the following error, \"").concat(error.message, "\"")); | ||
| console.warn("Warning: failed to set cookie \"".concat(key, "\" from path \"").concat(url, "\" with the following error, \"").concat(error.message, "\"")); | ||
| return; | ||
@@ -399,3 +411,3 @@ } | ||
| // host includes the hostname and port but getPublicSuffix expects only the hostname | ||
| cookieOptions.domain = getPublicSuffix(new URL(path).hostname); | ||
| cookieOptions.domain = getPublicSuffix(new URL(url).hostname); | ||
| } // then check if this cookie relates to this hostname | ||
@@ -402,0 +414,0 @@ |
@@ -1,1 +0,1 @@ | ||
| "use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}Object.defineProperty(exports,"__esModule",{value:!0});var t=e(require("abort-controller")),o=e(require("url")),r=e(require("tough-cookie"));function a(...e){const t=Error.apply(this,e);this.name="TimeoutError",this.message=t.message,this.stack=t.stack}a.prototype=Object.create(Error.prototype,{constructor:{value:a}});var n=a;var i=function(e){return o=>(r,a={})=>{const i=new t,s=i.signal,c=a.signal,u=a.timeout||e;let h;return c&&c.addEventListener("abort",function e(t,o){return()=>{t.abort(),o.removeEventListener("abort",e(t,o))}}(i,c)),Promise.race([o(r,{...a,signal:s}),new Promise((e,t)=>{setTimeout(()=>{h=!0,i.abort(),t(new n(`${r} after ${u}ms`))},u)})]).catch(e=>{if("AbortError"===e.name&&h)throw new n(`${r} after ${u}ms`);throw e})}};const s=(e,t)=>(Object.keys(t).forEach(o=>{Object.prototype.hasOwnProperty.call(e,o)&&"object"==typeof e[o]&&!Array.isArray(e[o])?s(e[o],t[o]):e[o]=t[o]}),e);var c=(e,...t)=>(t.forEach(t=>s(e,t)),e);const{URL:u}=o,{CookieJar:h,parse:m,getPublicSuffix:l}=r,f=e=>e?e.split(";").map(e=>m(e)):[],p=()=>0;var d={createTimeoutFetch:i,createBrowserLikeFetch:function({headers:e={},hostname:t,res:o={cookie:p},setCookie:r,trustedDomains:a=[]}={}){o.cookie=r||o.cookie;const n=new h,i=t&&"."+l(t),s=f(e.cookie);return r=>(h,p={})=>{let d={...p};if(!p.credentials)return r(h,d);if(((e,t)=>t.some(t=>new RegExp(t).test(e)))(h,a)){const t=((...e)=>[...new Map(e.map(e=>[e.key,e])).values()].map(e=>e.cookieString()).join("; "))(...s,...n.getCookiesSync(h),...f(p.headers&&p.headers.cookie));d=c(d,{headers:t?{...e,cookie:t}:e})}return t?r(h,d).then(e=>((e.headers.raw()["set-cookie"]||[]).forEach(e=>{const t=m(e),{key:r,value:a,...s}=t.toJSON();try{n.setCookieSync(t,h)}catch(e){return void console.warn(`Warning: failed to set cookie "${r}" from path "${h}" with the following error, "${e.message}"`)}s.domain||(s.domain=l(new u(h).hostname));const c=s.domain;if(!c||!("."+c).endsWith(i))return;const f=decodeURIComponent(a),p={...s,...s.maxAge?{maxAge:1e3*s.maxAge}:void 0};o.cookie(r,f,p)}),e)):r(h,d)}}},k=d.createTimeoutFetch,w=d.createBrowserLikeFetch;exports.createBrowserLikeFetch=w,exports.createTimeoutFetch=k,exports.default=d; | ||
| "use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}Object.defineProperty(exports,"__esModule",{value:!0});var t=e(require("abort-controller")),r=e(require("url")),o=e(require("tough-cookie"));function a(...e){const t=Error.apply(this,e);this.name="TimeoutError",this.message=t.message,this.stack=t.stack}a.prototype=Object.create(Error.prototype,{constructor:{value:a}});var s=a;var n=function(e){return r=>(o,a={})=>{const n=new t,i=n.signal,c=a.signal,u=a.timeout||e;let h;return c&&c.addEventListener("abort",function e(t,r){return()=>{t.abort(),r.removeEventListener("abort",e(t,r))}}(n,c)),Promise.race([r(o,{...a,signal:i}),new Promise((e,t)=>{setTimeout(()=>{h=!0,n.abort(),t(new s(`${o} after ${u}ms`))},u)})]).catch(e=>{if("AbortError"===e.name&&h)throw new s(`${o} after ${u}ms`);throw e})}};const i=(e,t)=>(Object.keys(t).forEach(r=>{Object.prototype.hasOwnProperty.call(e,r)&&"object"==typeof e[r]&&!Array.isArray(e[r])?i(e[r],t[r]):e[r]=t[r]}),e);var c=(e,...t)=>(t.forEach(t=>i(e,t)),e);const{URL:u}=r,{CookieJar:h,parse:m,getPublicSuffix:d}=o,f=e=>e?e.split(";").map(e=>m(e)):[],l=()=>0;var p={createTimeoutFetch:n,createBrowserLikeFetch:function({headers:e={},hostname:t,res:r={cookie:l},setCookie:o,trustedURLs:a=[],trustedDomains:s}={}){r.cookie=o||r.cookie,s&&(console.warn("createBrowserLikeFetch: trustedDomains option is deprecated in favor of trustedURLs, adding entries to trustedURLs"),a=[...a,...s]);const n=new h,i=t&&"."+d(t),p=f(e.cookie);return o=>(s,h={})=>{let l={...h};if(!h.credentials)return o(s,l);if(k=s,a.some(e=>new RegExp(e).test(k))){const t=((...e)=>[...new Map(e.map(e=>[e.key,e])).values()].map(e=>e.cookieString()).join("; "))(...p,...n.getCookiesSync(s),...f(h.headers&&h.headers.cookie));l=c(l,{headers:t?{...e,cookie:t}:e})}var k;return t?o(s,l).then(e=>((e.headers.raw()["set-cookie"]||[]).forEach(e=>{const t=m(e),{key:o,value:a,...c}=t.toJSON();try{n.setCookieSync(t,s)}catch(e){return void console.warn(`Warning: failed to set cookie "${o}" from path "${s}" with the following error, "${e.message}"`)}c.domain||(c.domain=d(new u(s).hostname));const h=c.domain;if(!h||!("."+h).endsWith(i))return;const f=decodeURIComponent(a),l={...c,...c.maxAge?{maxAge:1e3*c.maxAge}:void 0};r.cookie(o,f,l)}),e)):o(s,l)}}},k=p.createTimeoutFetch,w=p.createBrowserLikeFetch;exports.createBrowserLikeFetch=w,exports.createTimeoutFetch=k,exports.default=p; |
| { | ||
| "name": "@americanexpress/fetch-enhancers", | ||
| "version": "1.0.6", | ||
| "version": "1.0.7", | ||
| "description": "Set of enhancers to extend fetch", | ||
@@ -5,0 +5,0 @@ "main": "lib/fetch-enhancers.js", |
@@ -120,3 +120,3 @@ <h1 align="center"> | ||
| res, // Express response | ||
| trustedDomains: [/example\.com/], | ||
| trustedURLs: [/^https:\/\/([^./]+\.)*example\.com(\/.*)?$/], | ||
| })(mockFetch); | ||
@@ -164,15 +164,26 @@ ``` | ||
| }), | ||
| trustedDomains: [/example\.com/], | ||
| trustedURLs: [/^https:\/\/([^./]+\.)*example\.com(\/.*)?$/], | ||
| })(mockFetch); | ||
| ``` | ||
| ##### `trustedDomains` | ||
| ##### `trustedURLs` | ||
| A list of [regular expressions](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions) used to test the path given to fetch when making a request. | ||
| A list of [regular expressions](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions) used to test the first argument given to fetch when making a request. | ||
| If the test is successful the enhanced fetch will include provided cookies. | ||
| ```js | ||
| const trustedDomains = [/api\.example\.com/, /another\.example\.com/]; | ||
| const trustedURLs = [ | ||
| /^https:\/\/api\.example\.com(\/.*)?$/, | ||
| /^https:\/\/another\.example\.com(\/.*)?$/, | ||
| // or, more permissively all subdomains, including none | ||
| /^https:\/\/([^./]+\.)*example\.com(\/.*)?$/, | ||
| ]; | ||
| ``` | ||
| As these are regular expressions, be careful to consider values that you also do **not** want matched (ex: `https://example.com.evil.tld/pwned`). | ||
| ##### `trustedDomains` | ||
| Renamed to `trustedURLs`. Usage of `trustedDomains` is deprecated, but values are added to those of `trustedURLs` until the next breaking version. | ||
| #### Example | ||
@@ -195,3 +206,3 @@ | ||
| res, // Express response | ||
| trustedDomains: [/example\.com/], | ||
| trustedURLs: [/^https:\/\/([^./]+\.)*example\.com(\/.*)?$/], | ||
| })(mockFetch); | ||
@@ -198,0 +209,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.76%
44448
- Lines of code
- increased by2.65%
387
- Number of lines in readme file
- increased by4.03%
284
No dependency changes