cookie-parser
Advanced tools
Comparing version 1.0.1 to 1.1.0
31
index.js
@@ -0,1 +1,10 @@ | ||
/*! | ||
* cookie-parser | ||
* MIT Licensed | ||
*/ | ||
/** | ||
* Module dependencies. | ||
*/ | ||
var cookie = require('cookie'); | ||
@@ -5,17 +14,7 @@ var parse = require('./lib/parse'); | ||
/** | ||
* Parse _Cookie_ header and populate `req.cookies` | ||
* with an object keyed by the cookie names. Optionally | ||
* you may enabled signed cookie support by passing | ||
* a `secret` string, which assigns `req.secret` so | ||
* it may be used by other middleware. | ||
* Parse Cookie header and populate `req.cookies` | ||
* with an object keyed by the cookie names. | ||
* | ||
* Examples: | ||
* | ||
* connect() | ||
* .use(connect.cookieParser('optional secret string')) | ||
* .use(function(req, res, next){ | ||
* res.end(JSON.stringify(req.cookies)); | ||
* }) | ||
* | ||
* @param {String} secret | ||
* @param {String} [secret] | ||
* @param {Object} [options] | ||
* @return {Function} | ||
@@ -25,3 +24,3 @@ * @api public | ||
module.exports = function cookieParser(secret, opt){ | ||
module.exports = function cookieParser(secret, options){ | ||
return function cookieParser(req, res, next) { | ||
@@ -37,3 +36,3 @@ if (req.cookies) return next(); | ||
try { | ||
req.cookies = cookie.parse(cookies, opt); | ||
req.cookies = cookie.parse(cookies, options); | ||
if (secret) { | ||
@@ -40,0 +39,0 @@ req.signedCookies = parse.signedCookies(req.cookies, secret); |
{ | ||
"name": "cookie-parser", | ||
"version": "1.0.1", | ||
"version": "1.1.0", | ||
"description": "cookie parsing with signatures", | ||
@@ -12,9 +12,8 @@ "keywords": [ | ||
"dependencies": { | ||
"cookie": "0.1.0", | ||
"cookie": "0.1.2", | ||
"cookie-signature": "1.0.3" | ||
}, | ||
"devDependencies": { | ||
"mocha": "~1.17.0", | ||
"connect": "2.13.0", | ||
"supertest": "0.9.0" | ||
"mocha": "~1.18.2", | ||
"supertest": "~0.12.1" | ||
}, | ||
@@ -24,3 +23,3 @@ "licenses": "MIT", | ||
"engines": { | ||
"node": ">= 0.10.0" | ||
"node": ">= 0.8.0" | ||
}, | ||
@@ -27,0 +26,0 @@ "scripts": { |
@@ -1,8 +0,28 @@ | ||
# cookie-parser | ||
# cookie-parser [![Build Status](https://travis-ci.org/expressjs/cookie-parser.svg?branch=master)](https://travis-ci.org/expressjs/cookie-parser) [![NPM Version](https://badge.fury.io/js/cookie-parser.svg)](https://badge.fury.io/js/cookie-parser) | ||
Parse _Cookie_ header and populate `req.cookies` with an object keyed by the cookie | ||
Parse `Cookie` header and populate `req.cookies` with an object keyed by the cookie | ||
names. Optionally you may enabled signed cookie support by passing a `secret` string, | ||
which assigns `req.secret` so it may be used by other middleware. | ||
## Install | ||
```sh | ||
$ npm install cookie-parser | ||
``` | ||
## API | ||
```js | ||
var cookieParser = require('cookie-parser') | ||
``` | ||
### cookieParser(secret, options) | ||
- `secret` a string used for signing cookies. This is optional and if not specified, will not parse signed cookies. | ||
- `options` an object that is passed to `cookie.parse` as the second option. See [cookie](https://www.npmjs.org/package/cookie) for more information. | ||
- `decode` a funcction to decode the value of the cookie | ||
## Example | ||
```js | ||
var cookieParser = require('cookie-parser'); | ||
@@ -17,10 +37,4 @@ | ||
## install | ||
```shell | ||
npm install cookie-parser | ||
``` | ||
## License | ||
MIT |
@@ -1,30 +0,24 @@ | ||
var connect = require('connect') | ||
, request = require('supertest') | ||
, signature = require('cookie-signature'); | ||
var app = connect(); | ||
var cookieParser = require('..') | ||
var http = require('http') | ||
var request = require('supertest') | ||
var signature = require('cookie-signature') | ||
app.use(connect.cookieParser('keyboard cat')); | ||
describe('connect.cookieParser()', function(){ | ||
var server | ||
before(function(){ | ||
server = createServer('keyboard cat') | ||
}) | ||
app.use(function(req, res, next){ | ||
if ('/signed' != req.url) return next(); | ||
res.end(JSON.stringify(req.signedCookies)); | ||
}); | ||
app.use(function(req, res, next){ | ||
res.end(JSON.stringify(req.cookies)); | ||
}); | ||
describe('connect.cookieParser()', function(){ | ||
describe('when no cookies are sent', function(){ | ||
it('should default req.cookies to {}', function(done){ | ||
request(app) | ||
request(server) | ||
.get('/') | ||
.expect('{}', done); | ||
.expect(200, '{}', done) | ||
}) | ||
it('should default req.signedCookies to {}', function(done){ | ||
request(app) | ||
request(server) | ||
.get('/signed') | ||
.expect('{}', done); | ||
.expect(200, '{}', done) | ||
}) | ||
@@ -35,6 +29,6 @@ }) | ||
it('should populate req.cookies', function(done){ | ||
request(app) | ||
request(server) | ||
.get('/') | ||
.set('Cookie', 'foo=bar; bar=baz') | ||
.expect('{"foo":"bar","bar":"baz"}', done); | ||
.expect(200, '{"foo":"bar","bar":"baz"}', done) | ||
}) | ||
@@ -48,24 +42,26 @@ }) | ||
it('should populate req.signedCookies', function(done){ | ||
request(app) | ||
request(server) | ||
.get('/signed') | ||
.set('Cookie', 'foo=s:' + val) | ||
.expect('{"foo":"foobarbaz"}', done); | ||
.expect(200, '{"foo":"foobarbaz"}', done) | ||
}) | ||
it('should remove the signed value from req.cookies', function(done){ | ||
request(app) | ||
request(server) | ||
.get('/') | ||
.set('Cookie', 'foo=s:' + val) | ||
.expect('{}', done); | ||
.expect(200, '{}', done) | ||
}) | ||
it('should omit invalid signatures', function(done){ | ||
request(app) | ||
server.listen() | ||
request(server) | ||
.get('/signed') | ||
.set('Cookie', 'foo=' + val + '3') | ||
.expect('{}', function(){ | ||
request(app) | ||
.expect(200, '{}', function(err){ | ||
if (err) return done(err) | ||
request(server) | ||
.get('/') | ||
.set('Cookie', 'foo=' + val + '3') | ||
.expect('{"foo":"foobarbaz.CP7AWaXDfAKIRfH49dQzKJx7sKzzSoPq7/AcBBRVwlI3"}', done); | ||
.expect(200, '{"foo":"foobarbaz.CP7AWaXDfAKIRfH49dQzKJx7sKzzSoPq7/AcBBRVwlI3"}', done) | ||
}); | ||
@@ -75,1 +71,19 @@ }) | ||
}) | ||
function createServer(secret) { | ||
var _parser = cookieParser(secret) | ||
return http.createServer(function(req, res){ | ||
_parser(req, res, function(err){ | ||
if (err) { | ||
res.statusCode = 500 | ||
res.end(err.message) | ||
return | ||
} | ||
var cookies = '/signed' === req.url | ||
? req.signedCookies | ||
: req.cookies | ||
res.end(JSON.stringify(cookies)) | ||
}) | ||
}) | ||
} |
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
spdx disjunction for an artifact's license information
Licensespdx disjunction for an artifact's license information
Found 1 instance in 1 package
spdx disjunction for an artifact's license information
Licensespdx disjunction for an artifact's license information
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found
Found 1 instance in 1 package
7704
2
9
1
171
40
2
+ Addedcookie@0.1.2(transitive)
- Removedcookie@0.1.0(transitive)
Updatedcookie@0.1.2