cookie-parser
Advanced tools
Comparing version 1.4.3 to 1.4.4
@@ -0,1 +1,6 @@ | ||
1.4.4 / 2019-02-12 | ||
================== | ||
* perf: normalize `secret` argument only once | ||
1.4.3 / 2016-05-26 | ||
@@ -2,0 +7,0 @@ ================== |
113
index.js
@@ -8,3 +8,3 @@ /*! | ||
'use strict'; | ||
'use strict' | ||
@@ -16,4 +16,4 @@ /** | ||
var cookie = require('cookie'); | ||
var signature = require('cookie-signature'); | ||
var cookie = require('cookie') | ||
var signature = require('cookie-signature') | ||
@@ -25,7 +25,7 @@ /** | ||
module.exports = cookieParser; | ||
module.exports.JSONCookie = JSONCookie; | ||
module.exports.JSONCookies = JSONCookies; | ||
module.exports.signedCookie = signedCookie; | ||
module.exports.signedCookies = signedCookies; | ||
module.exports = cookieParser | ||
module.exports.JSONCookie = JSONCookie | ||
module.exports.JSONCookies = JSONCookies | ||
module.exports.signedCookie = signedCookie | ||
module.exports.signedCookies = signedCookies | ||
@@ -42,35 +42,36 @@ /** | ||
function cookieParser(secret, options) { | ||
return function cookieParser(req, res, next) { | ||
function cookieParser (secret, options) { | ||
var secrets = !secret || Array.isArray(secret) | ||
? (secret || []) | ||
: [secret] | ||
return function cookieParser (req, res, next) { | ||
if (req.cookies) { | ||
return next(); | ||
return next() | ||
} | ||
var cookies = req.headers.cookie; | ||
var secrets = !secret || Array.isArray(secret) | ||
? (secret || []) | ||
: [secret]; | ||
var cookies = req.headers.cookie | ||
req.secret = secrets[0]; | ||
req.cookies = Object.create(null); | ||
req.signedCookies = Object.create(null); | ||
req.secret = secrets[0] | ||
req.cookies = Object.create(null) | ||
req.signedCookies = Object.create(null) | ||
// no cookies | ||
if (!cookies) { | ||
return next(); | ||
return next() | ||
} | ||
req.cookies = cookie.parse(cookies, options); | ||
req.cookies = cookie.parse(cookies, options) | ||
// parse signed cookies | ||
if (secrets.length !== 0) { | ||
req.signedCookies = signedCookies(req.cookies, secrets); | ||
req.signedCookies = JSONCookies(req.signedCookies); | ||
req.signedCookies = signedCookies(req.cookies, secrets) | ||
req.signedCookies = JSONCookies(req.signedCookies) | ||
} | ||
// parse JSON cookies | ||
req.cookies = JSONCookies(req.cookies); | ||
req.cookies = JSONCookies(req.cookies) | ||
next(); | ||
}; | ||
next() | ||
} | ||
} | ||
@@ -86,11 +87,11 @@ | ||
function JSONCookie(str) { | ||
function JSONCookie (str) { | ||
if (typeof str !== 'string' || str.substr(0, 2) !== 'j:') { | ||
return undefined; | ||
return undefined | ||
} | ||
try { | ||
return JSON.parse(str.slice(2)); | ||
return JSON.parse(str.slice(2)) | ||
} catch (err) { | ||
return undefined; | ||
return undefined | ||
} | ||
@@ -107,17 +108,17 @@ } | ||
function JSONCookies(obj) { | ||
var cookies = Object.keys(obj); | ||
var key; | ||
var val; | ||
function JSONCookies (obj) { | ||
var cookies = Object.keys(obj) | ||
var key | ||
var val | ||
for (var i = 0; i < cookies.length; i++) { | ||
key = cookies[i]; | ||
val = JSONCookie(obj[key]); | ||
key = cookies[i] | ||
val = JSONCookie(obj[key]) | ||
if (val) { | ||
obj[key] = val; | ||
obj[key] = val | ||
} | ||
} | ||
return obj; | ||
return obj | ||
} | ||
@@ -134,9 +135,9 @@ | ||
function signedCookie(str, secret) { | ||
function signedCookie (str, secret) { | ||
if (typeof str !== 'string') { | ||
return undefined; | ||
return undefined | ||
} | ||
if (str.substr(0, 2) !== 's:') { | ||
return str; | ||
return str | ||
} | ||
@@ -146,13 +147,13 @@ | ||
? (secret || []) | ||
: [secret]; | ||
: [secret] | ||
for (var i = 0; i < secrets.length; i++) { | ||
var val = signature.unsign(str.slice(2), secrets[i]); | ||
var val = signature.unsign(str.slice(2), secrets[i]) | ||
if (val !== false) { | ||
return val; | ||
return val | ||
} | ||
} | ||
return false; | ||
return false | ||
} | ||
@@ -170,21 +171,21 @@ | ||
function signedCookies(obj, secret) { | ||
var cookies = Object.keys(obj); | ||
var dec; | ||
var key; | ||
var ret = Object.create(null); | ||
var val; | ||
function signedCookies (obj, secret) { | ||
var cookies = Object.keys(obj) | ||
var dec | ||
var key | ||
var ret = Object.create(null) | ||
var val | ||
for (var i = 0; i < cookies.length; i++) { | ||
key = cookies[i]; | ||
val = obj[key]; | ||
dec = signedCookie(val, secret); | ||
key = cookies[i] | ||
val = obj[key] | ||
dec = signedCookie(val, secret) | ||
if (val !== dec) { | ||
ret[key] = dec; | ||
delete obj[key]; | ||
ret[key] = dec | ||
delete obj[key] | ||
} | ||
} | ||
return ret; | ||
return ret | ||
} |
{ | ||
"name": "cookie-parser", | ||
"description": "cookie parsing with signatures", | ||
"version": "1.4.3", | ||
"description": "Parse HTTP request cookies", | ||
"version": "1.4.4", | ||
"author": "TJ Holowaychuk <tj@vision-media.ca> (http://tjholowaychuk.com)", | ||
@@ -20,5 +20,13 @@ "contributors": [ | ||
"devDependencies": { | ||
"istanbul": "0.4.3", | ||
"mocha": "2.5.3", | ||
"supertest": "1.1.0" | ||
"deep-equal": "1.0.1", | ||
"eslint": "5.13.0", | ||
"eslint-config-standard": "12.0.0", | ||
"eslint-plugin-import": "2.16.0", | ||
"eslint-plugin-markdown": "1.0.0", | ||
"eslint-plugin-node": "7.0.1", | ||
"eslint-plugin-promise": "4.0.1", | ||
"eslint-plugin-standard": "4.0.0", | ||
"istanbul": "0.4.5", | ||
"mocha": "5.2.0", | ||
"supertest": "3.4.2" | ||
}, | ||
@@ -34,2 +42,3 @@ "files": [ | ||
"scripts": { | ||
"lint": "eslint --plugin markdown --ext js,md .", | ||
"test": "mocha --reporter spec --bail --check-leaks test/", | ||
@@ -36,0 +45,0 @@ "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot --check-leaks test/", |
# cookie-parser | ||
[![NPM Version][npm-image]][npm-url] | ||
[![NPM Downloads][downloads-image]][downloads-url] | ||
[![Node.js Version][node-version-image]][node-version-url] | ||
[![NPM Version][npm-version-image]][npm-url] | ||
[![NPM Downloads][npm-downloads-image]][npm-url] | ||
[![Build Status][travis-image]][travis-url] | ||
@@ -22,3 +21,3 @@ [![Test Coverage][coveralls-image]][coveralls-url] | ||
```js | ||
var express = require('express') | ||
var express = require('express') | ||
var cookieParser = require('cookie-parser') | ||
@@ -42,7 +41,7 @@ | ||
Given an object, this will iterate over the keys and call `JSONCookie` on each value. This will return the same object passed in. | ||
Given an object, this will iterate over the keys and call `JSONCookie` on each value, replacing the original value with the parsed value. This returns the same object that was passed in. | ||
### cookieParser.signedCookie(str, secret) | ||
Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid, otherwise it will return the passed value. | ||
Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid. If the value was not signed, the original value is returned. If the value was signed but the signature could not be validated, `false` is returned. | ||
@@ -60,3 +59,3 @@ The `secret` argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order. | ||
```js | ||
var express = require('express') | ||
var express = require('express') | ||
var cookieParser = require('cookie-parser') | ||
@@ -67,4 +66,8 @@ | ||
app.get('/', function(req, res) { | ||
app.get('/', function (req, res) { | ||
// Cookies that have not been signed | ||
console.log('Cookies: ', req.cookies) | ||
// Cookies that have been signed | ||
console.log('Signed Cookies: ', req.signedCookies) | ||
}) | ||
@@ -80,11 +83,8 @@ | ||
[npm-image]: https://img.shields.io/npm/v/cookie-parser.svg | ||
[coveralls-image]: https://badgen.net/coveralls/c/github/expressjs/cookie-parser/master | ||
[coveralls-url]: https://coveralls.io/r/expressjs/cookie-parser?branch=master | ||
[npm-downloads-image]: https://badgen.net/npm/dm/cookie-parser | ||
[npm-url]: https://npmjs.org/package/cookie-parser | ||
[node-version-image]: https://img.shields.io/node/v/cookie-parser.svg | ||
[node-version-url]: https://nodejs.org/en/download | ||
[travis-image]: https://img.shields.io/travis/expressjs/cookie-parser/master.svg | ||
[npm-version-image]: https://badgen.net/npm/v/cookie-parser | ||
[travis-image]: https://badgen.net/travis/expressjs/cookie-parser/master | ||
[travis-url]: https://travis-ci.org/expressjs/cookie-parser | ||
[coveralls-image]: https://img.shields.io/coveralls/expressjs/cookie-parser/master.svg | ||
[coveralls-url]: https://coveralls.io/r/expressjs/cookie-parser?branch=master | ||
[downloads-image]: https://img.shields.io/npm/dm/cookie-parser.svg | ||
[downloads-url]: https://npmjs.org/package/cookie-parser |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
11188
11