@fastify/cookie - npm Package Compare versions

Comparing version 9.3.0 to 9.3.1

cookie.js

@@ -155,2 +155,22 @@ /*!
 
+  if (opt.priority) {
+    const priority = typeof opt.priority === 'string'
+      ? opt.priority.toLowerCase()
+      : opt.priority
+
+    switch (priority) {
+      case 'low':
+        str += '; Priority=Low'
+        break
+      case 'medium':
+        str += '; Priority=Medium'
+        break
+      case 'high':
+        str += '; Priority=High'
+        break
+      default:
+        throw new TypeError('option priority is invalid')
+    }
+  }
+
   if (opt.expires) {
@@ -157,0 +177,0 @@ if (typeof opt.expires.toUTCString !== 'function') {

package.json

 {
   "name": "@fastify/cookie",
-  "version": "9.3.0",
+  "version": "9.3.1",
   "description": "Plugin for fastify to add support for cookies",
@@ -5,0 +5,0 @@ "main": "plugin.js",

README.md

@@ -154,2 +154,16 @@ # @fastify/cookie
 
+
+##### priority
+
+Specifies the `string` to be the value for the [`Priority` `Set-Cookie` attribute](https://tools.ietf.org/html/draft-west-cookie-priority-00#section-4.1).
+
+  - `'low'` will set the `Priority` attribute to `Low`.
+  - `'medium'` will set the `Priority` attribute to `Medium`, the default priority when not set.
+  - `'high'` will set the `Priority` attribute to `High`.
+
+More information about the different priority levels can be found in
+[the specification](https://tools.ietf.org/html/draft-west-cookie-priority-00#section-4.1).
+
+⚠️ **Warning:** This is an attribute that has not yet been fully standardized, and may change in the future without reflecting the semver versioning. This also means many clients may ignore the attribute until they understand it.
+
 ##### path
@@ -156,0 +170,0 @@

test/cookie-module.test.js

@@ -206,1 +206,19 @@ 'use strict'
 })
+
+test('serializer: priority', (t) => {
+  t.plan(8)
+  t.same(cookie.serialize('foo', 'bar', { priority: 'Low' }), 'foo=bar; Priority=Low')
+  t.same(cookie.serialize('foo', 'bar', { priority: 'low' }), 'foo=bar; Priority=Low')
+  t.same(cookie.serialize('foo', 'bar', { priority: 'Medium' }), 'foo=bar; Priority=Medium')
+  t.same(cookie.serialize('foo', 'bar', { priority: 'medium' }), 'foo=bar; Priority=Medium')
+  t.same(cookie.serialize('foo', 'bar', { priority: 'High' }), 'foo=bar; Priority=High')
+  t.same(cookie.serialize('foo', 'bar', { priority: 'high' }), 'foo=bar; Priority=High')
+
+  t.throws(cookie.serialize.bind(cookie, 'foo', 'bar', {
+    priority: 'foo'
+  }), /option priority is invalid/)
+  t.throws(cookie.serialize.bind(cookie, 'foo', 'bar', {
+    priority: true
+  }), /option priority is invalid/)
+  t.end()
+})

types/plugin.d.ts

@@ -118,14 +118,17 @@ /// <reference types='node' />
     encode?(val: string): string;
-    /**  The expiration `date` used for the `Expires` attribute. If both `expires` and `maxAge` are set, then `expires` is used. */
+    /** The expiration `date` used for the `Expires` attribute. If both `expires` and `maxAge` are set, then `expires` is used. */
     expires?: Date;
-    /**  The `boolean` value of the `HttpOnly` attribute. Defaults to true. */
+    /** The `boolean` value of the `HttpOnly` attribute. Defaults to true. */
     httpOnly?: boolean;
-    /**  A `number` in seconds that specifies the `Expires` attribute by adding the specified seconds to the current date. If both `expires` and `maxAge` are set, then `expires` is used. */
+    /** A `number` in seconds that specifies the `Expires` attribute by adding the specified seconds to the current date. If both `expires` and `maxAge` are set, then `expires` is used. */
     maxAge?: number;
+    /** A `boolean` indicating whether the cookie is tied to the top-level site where it's initially set and cannot be accessed from elsewhere. */
     partitioned?: boolean;
-    /**  The `Path` attribute. Defaults to `/` (the root path).  */
+    /** The `Path` attribute. Defaults to `/` (the root path).  */
     path?: string;
     /** A `boolean` or one of the `SameSite` string attributes. E.g.: `lax`, `none` or `strict`.  */
     sameSite?: 'lax' | 'none' | 'strict' | boolean;
-    /**  The `boolean` value of the `Secure` attribute. Set this option to false when communicating over an unencrypted (HTTP) connection. Value can be set to `auto`; in this case the `Secure` attribute will be set to false for HTTP request, in case of HTTPS it will be set to true.  Defaults to true. */
+    /** One of the `Priority` string attributes (`low`, `medium` or `high`) specifying a retention priority for HTTP cookies that will be respected by user agents during cookie eviction. */
+    priority?: 'low' | 'medium' | 'high';
+    /** The `boolean` value of the `Secure` attribute. Set this option to false when communicating over an unencrypted (HTTP) connection. Value can be set to `auto`; in this case the `Secure` attribute will be set to false for HTTP request, in case of HTTPS it will be set to true.  Defaults to true. */
     secure?: boolean;
@@ -132,0 +135,0 @@ }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

94627

increased by2.63%

Lines of code

2345

increased by1.6%

Number of lines in readme file

378

increased by3.85%

No dependency changes