Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

apollo-server-plugin-http-headers

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

apollo-server-plugin-http-headers

Allows you to set HTTP Headers and Cookies easily in your apollo server resolvers.

  • 0.1.3
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
674
increased by7.15%
Maintainers
1
Weekly downloads
 
Created
Source

apollo-server-plugin-http-headers

Allows you to set HTTP Headers and Cookies easily in your resolvers. This is especially useful in apollo-server-lambda, because you don't have any other options there to set headers or cookies.

The way it works is simple: you put an array for cookies and an array for headers in your context; you can then access them in your resolvers (and therefore add, alter or delete headers and cookies). Before your request is sent to the client this plugin loops through the arrays and adds every item to the HTTP response. The logic is very easy, actually the documentation is way longer than the source code.

Installation

Install the package

npm install apollo-server-plugin-http-headers

Register plugin

Import and register the plugin, then add setHeaders and setCookies to context:

const httpHeadersPlugin = require("apollo-server-plugin-http-headers");

const server = new ApolloServer({
    typeDefs,
    resolvers,
    plugins: [httpHeadersPlugin],
    context: {
        setCookies: new Array(),
        setHeaders: new Array()
    }
});

Please note: The context argument varies depending on the specific integration (e.g. Express, Koa, Lambda, etc.) being used. See the official apollo-server documentation for more details. Example for the Lambda integration (apollo-server-lambda):

const httpHeadersPlugin = require("apollo-server-plugin-http-headers");

const server = new ApolloServer({
    typeDefs,
    resolvers,
    plugins: [httpHeadersPlugin],
    context: ({ event, context }) => {
        return {
            event,
            context,
            setCookies: new Array(),
            setHeaders: new Array()
        };
    }
});

Usage

Headers

Set a header in a resolver:

context.setHeaders.push({ key: "headername", value: "headercontent" });

Complete example:

const resolvers = {
    Query: {
        hello: async (parent, args, context, info) => {
            context.setHeaders.push({ key: "X-TEST-ONE", value: "abc" });
            context.setHeaders.push({ key: "X-TEST-TWO", value: "def" });
            return "Hello world!";
        }
    }
};

Cookies

Set a cookie in a resolver:

context.setCookies.push({
    name: "cookieName",
    value: "cookieContent",
    options: {
        domain: "example.com",
        expires: new Date("2021-01-01T00:00:00"),
        httpOnly: true,
        maxAge: 3600,
        path: "/",
        sameSite: true,
        secure: true
    }
});

Complete example:

const resolvers = {
    Query: {
        hello: async (parent, args, context, info) => {

            context.setCookies.push({
                name: "cookieName",
                value: "cookieContent",
                options: {
                    domain: "example.com",
                    expires: new Date("2021-01-01T00:00:00"),
                    httpOnly: true,
                    maxAge: 3600,
                    path: "/",
                    sameSite: true,
                    secure: true
                }
            });

            return "Hello world!";
        }
    }
};

This package uses jshttp/cookie for serializing cookies and you can use all the options they provide. Find an overview below or the complete documentation here.

optiondescription
domainSpecifies the value for the Domain Set-Cookie attribute. By default, no domain is set.
encodeSpecifies a function that will be used to encode a cookie's value. Default: encodeURIComponent
expiresSpecifies the Date object to be the value for the Expires Set-Cookie attribute. If expires and maxAge are set, maxAge mostly wins on the client side. By default, no expiration is set.
httpOnlySpecifies the boolean value for the HttpOnly Set-Cookie attribute. Defaults to false.
maxAgeSpecifies the number (in seconds) to be the value for the Max-Age Set-Cookie attribute. By default, no maximum age is set.
pathSpecifies the value for the Path Set-Cookie attribute. By default, no path is set and the user agent computes a path according to these algorithms.
sameSiteSpecifies the boolean or string to be the value for the SameSite Set-Cookie attribute. Valid values: true, false, 'lax', 'none' and 'strict'.
secureSpecifies the boolean value for the Secure Set-Cookie attribute.By default, the Secure attribute is not set.

Limitations

There is at the moment no possility to set multiple cookies because apollo server does not support that. Find details and workaround inspiration here. If you add multiple items to setCookie I'll throw an exception at your face (-;

Keywords

FAQs

Package last updated on 16 Jan 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc