		@@ -0,7 +1,6 @@
		import { StateOptions, SameSitePolicy } from '@hapi/statehood';

		import { SealOptions, SealOptionsSub } from '@hapi/iron';

		import { Request } from '../request';

		export type SameSitePolicy = false \| 'None' \| 'Lax' \| 'Strict';
		export { SameSitePolicy };

		@@ -12,63 +11,4 @@ /**
		*/
		export interface ServerStateCookieOptions {
		/** time-to-live in milliseconds. Defaults to null (session time-life - cookies are deleted when the browser is closed). */
		ttl?: number \| null \| undefined;
		/** sets the 'Secure' flag. Defaults to true. */
		isSecure?: boolean \| undefined;
		/** sets the 'HttpOnly' flag. Defaults to true. */
		isHttpOnly?: boolean \| undefined;
		/**
		* sets the 'SameSite' flag. The value must be one of:
		* * false - no flag.
		* * 'Strict' - sets the value to 'Strict' (this is the default value).
		* * 'Lax' - sets the value to 'Lax'.
		*/
		isSameSite?: SameSitePolicy \| undefined;
		/** the path scope. Defaults to null (no path). */
		path?: string \| null \| undefined;
		/** the domain scope. Defaults to null (no domain). */
		domain?: string \| null \| undefined;
		export interface ServerStateCookieOptions extends StateOptions<Request> {}

		/**
		* if present and the cookie was not received from the client or explicitly set by the route handler, the
		* cookie is automatically added to the response with the provided value. The value can be
		* a function with signature async function(request) where:
		*/
		autoValue?(request: Request): void;

		/**
		* encoding performs on the provided value before serialization. Options are:
		* * 'none' - no encoding. When used, the cookie value must be a string. This is the default value.
		* * 'base64' - string value is encoded using Base64.
		* * 'base64json' - object value is JSON-stringified then encoded using Base64.
		* * 'form' - object value is encoded using the x-www-form-urlencoded method.
		* * 'iron' - Encrypts and sign the value using iron.
		*/
		encoding?: 'none' \| 'base64' \| 'base64json' \| 'form' \| 'iron' \| undefined;
		/**
		* an object used to calculate an HMAC for cookie integrity validation. This does not provide privacy, only a mean
		* to verify that the cookie value was generated by the server. Redundant when 'iron' encoding is used. Options are:
		* * integrity - algorithm options. Defaults to require('@hapi/iron').defaults.integrity.
		* * password - password used for HMAC key generation (must be at least 32 characters long).
		*/
		sign?: {
		integrity?: SealOptionsSub \| undefined;
		password: string;
		} \| undefined;
		/** password used for 'iron' encoding (must be at least 32 characters long). */
		password?: string \| undefined;
		/** options for 'iron' encoding. Defaults to require('@hapi/iron').defaults. */
		iron?: SealOptions \| undefined;
		/** if true, errors are ignored and treated as missing cookies. */
		ignoreErrors?: boolean \| undefined;
		/** if true, automatically instruct the client to remove invalid cookies. Defaults to false. */
		clearInvalid?: boolean \| undefined;
		/** if false, allows any cookie value including values in violation of RFC 6265. Defaults to true. */
		strictHeader?: boolean \| undefined;
		/** used by proxy plugins (e.g. h2o2). */
		passThrough?: any \| undefined;
		/** a function using the signature `async function(definition, request)` used to override a request-specific cookie settings */
		contextualize?(definition: ServerStateCookieOptions, request: Request): void \| Promise<void>;
		}

		/**
		@@ -75,0 +15,0 @@ * A single object or an array of object where each contains:

+2

-2

package.json

		@@ -5,3 +5,3 @@ {
		"homepage": "https://hapi.dev",
		"version": "21.3.1",
		"version": "21.3.2",
		"repository": "git://github.com/hapijs/hapi",
		@@ -41,3 +41,3 @@ "main": "lib/index.js",
		"@hapi/somever": "^4.1.1",
		"@hapi/statehood": "^8.0.1",
		"@hapi/statehood": "^8.1.1",
		"@hapi/subtext": "^8.1.0",
		@@ -44,0 +44,0 @@ "@hapi/teamwork": "^6.0.0",

@hapi/hapi - npm Package Compare versions

New alerts

Fixed alerts

Worsened metrics

Dependency changes