Security News
MCP Steering Committee Launches Official MCP Registry in Preview
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.
By Sarah Gooding - Sep 09, 2025
@tinyhttp/cookie-signature
Advanced tools
What is @tinyhttp/cookie-signature?
@tinyhttp/cookie-signature is a lightweight npm package used for signing and unsigning cookies. It provides a simple API to ensure the integrity of cookies by generating a signature and verifying it.
What are @tinyhttp/cookie-signature's main functionalities?
Sign a Cookie
This feature allows you to sign a cookie value with a secret key. The `sign` method generates a signed version of the cookie value, which can be used to ensure the integrity of the cookie.
const cookieSignature = require('@tinyhttp/cookie-signature');
const value = 'cookieValue';
const secret = 'mySecret';
const signedValue = cookieSignature.sign(value, secret);
console.log(signedValue);Unsign a Cookie
This feature allows you to unsign a signed cookie value using the same secret key. The `unsign` method verifies the signature and returns the original value if the signature is valid, otherwise it returns false.
const cookieSignature = require('@tinyhttp/cookie-signature');
const signedValue = 'cookieValue.signedPart';
const secret = 'mySecret';
const unsignedValue = cookieSignature.unsign(signedValue, secret);
if (unsignedValue) {
console.log('Valid signature:', unsignedValue);
} else {
console.log('Invalid signature');
}Other packages similar to @tinyhttp/cookie-signature
cookie-signature
The `cookie-signature` package provides similar functionality for signing and unsigning cookie values. It is a lightweight package that ensures the integrity of cookies by generating and verifying signatures. It is widely used in the Express.js ecosystem.
cookie-parser
The `cookie-parser` package is a middleware for parsing cookies in Express.js applications. It includes functionality for signing and unsigning cookies, similar to @tinyhttp/cookie-signature, but also provides additional features for parsing and managing cookies in HTTP requests.
cookies
The `cookies` package is a general-purpose cookie management library for Node.js. It provides methods for setting, getting, and deleting cookies, as well as signing and unsigning cookie values. It offers a more comprehensive set of features compared to @tinyhttp/cookie-signature.
@tinyhttp/cookie-signature
HTTP cookie signing and unsigning. A rewrite of cookie-signature module.
Install
pnpm i @tinyhttp/cookie-signature
API
import { sign, unsign } from '@tinyhttp/cookie-signature'
sign(val, secret)
Signd the given val with secret.
unsign(val, secret)
Unsign and decode the given val with secret, returning false if the signature is invalid.
FAQs
Package last updated on 26 Jun 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Pull Request Stories to Help Security Teams Track Supply Chain Risks
Socket’s new Pull Request Stories give security teams clear visibility into dependency risks and outcomes across scanned pull requests.
By André Staltz - Sep 08, 2025
Research
/Security News
npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
By Sarah Gooding, Olivia Brown, Kush Pandya, Philipp Burckhardt, Peter van der Zee, Douglas Coburn - Sep 08, 2025