cookie-parser
Advanced tools
cookie-parser - npm Package Compare versions
Comparing version 1.4.3 to 1.4.4
@@ -0,1 +1,6 @@ | ||
| 1.4.4 / 2019-02-12 | ||
| ================== | ||
| * perf: normalize `secret` argument only once | ||
| 1.4.3 / 2016-05-26 | ||
@@ -2,0 +7,0 @@ ================== |
113
index.js
@@ -8,3 +8,3 @@ /*! | ||
| 'use strict'; | ||
| 'use strict' | ||
@@ -16,4 +16,4 @@ /** | ||
| var cookie = require('cookie'); | ||
| var signature = require('cookie-signature'); | ||
| var cookie = require('cookie') | ||
| var signature = require('cookie-signature') | ||
@@ -25,7 +25,7 @@ /** | ||
| module.exports = cookieParser; | ||
| module.exports.JSONCookie = JSONCookie; | ||
| module.exports.JSONCookies = JSONCookies; | ||
| module.exports.signedCookie = signedCookie; | ||
| module.exports.signedCookies = signedCookies; | ||
| module.exports = cookieParser | ||
| module.exports.JSONCookie = JSONCookie | ||
| module.exports.JSONCookies = JSONCookies | ||
| module.exports.signedCookie = signedCookie | ||
| module.exports.signedCookies = signedCookies | ||
@@ -42,35 +42,36 @@ /** | ||
| function cookieParser(secret, options) { | ||
| return function cookieParser(req, res, next) { | ||
| function cookieParser (secret, options) { | ||
| var secrets = !secret || Array.isArray(secret) | ||
| ? (secret || []) | ||
| : [secret] | ||
| return function cookieParser (req, res, next) { | ||
| if (req.cookies) { | ||
| return next(); | ||
| return next() | ||
| } | ||
| var cookies = req.headers.cookie; | ||
| var secrets = !secret || Array.isArray(secret) | ||
| ? (secret || []) | ||
| : [secret]; | ||
| var cookies = req.headers.cookie | ||
| req.secret = secrets[0]; | ||
| req.cookies = Object.create(null); | ||
| req.signedCookies = Object.create(null); | ||
| req.secret = secrets[0] | ||
| req.cookies = Object.create(null) | ||
| req.signedCookies = Object.create(null) | ||
| // no cookies | ||
| if (!cookies) { | ||
| return next(); | ||
| return next() | ||
| } | ||
| req.cookies = cookie.parse(cookies, options); | ||
| req.cookies = cookie.parse(cookies, options) | ||
| // parse signed cookies | ||
| if (secrets.length !== 0) { | ||
| req.signedCookies = signedCookies(req.cookies, secrets); | ||
| req.signedCookies = JSONCookies(req.signedCookies); | ||
| req.signedCookies = signedCookies(req.cookies, secrets) | ||
| req.signedCookies = JSONCookies(req.signedCookies) | ||
| } | ||
| // parse JSON cookies | ||
| req.cookies = JSONCookies(req.cookies); | ||
| req.cookies = JSONCookies(req.cookies) | ||
| next(); | ||
| }; | ||
| next() | ||
| } | ||
| } | ||
@@ -86,11 +87,11 @@ | ||
| function JSONCookie(str) { | ||
| function JSONCookie (str) { | ||
| if (typeof str !== 'string' || str.substr(0, 2) !== 'j:') { | ||
| return undefined; | ||
| return undefined | ||
| } | ||
| try { | ||
| return JSON.parse(str.slice(2)); | ||
| return JSON.parse(str.slice(2)) | ||
| } catch (err) { | ||
| return undefined; | ||
| return undefined | ||
| } | ||
@@ -107,17 +108,17 @@ } | ||
| function JSONCookies(obj) { | ||
| var cookies = Object.keys(obj); | ||
| var key; | ||
| var val; | ||
| function JSONCookies (obj) { | ||
| var cookies = Object.keys(obj) | ||
| var key | ||
| var val | ||
| for (var i = 0; i < cookies.length; i++) { | ||
| key = cookies[i]; | ||
| val = JSONCookie(obj[key]); | ||
| key = cookies[i] | ||
| val = JSONCookie(obj[key]) | ||
| if (val) { | ||
| obj[key] = val; | ||
| obj[key] = val | ||
| } | ||
| } | ||
| return obj; | ||
| return obj | ||
| } | ||
@@ -134,9 +135,9 @@ | ||
| function signedCookie(str, secret) { | ||
| function signedCookie (str, secret) { | ||
| if (typeof str !== 'string') { | ||
| return undefined; | ||
| return undefined | ||
| } | ||
| if (str.substr(0, 2) !== 's:') { | ||
| return str; | ||
| return str | ||
| } | ||
@@ -146,13 +147,13 @@ | ||
| ? (secret || []) | ||
| : [secret]; | ||
| : [secret] | ||
| for (var i = 0; i < secrets.length; i++) { | ||
| var val = signature.unsign(str.slice(2), secrets[i]); | ||
| var val = signature.unsign(str.slice(2), secrets[i]) | ||
| if (val !== false) { | ||
| return val; | ||
| return val | ||
| } | ||
| } | ||
| return false; | ||
| return false | ||
| } | ||
@@ -170,21 +171,21 @@ | ||
| function signedCookies(obj, secret) { | ||
| var cookies = Object.keys(obj); | ||
| var dec; | ||
| var key; | ||
| var ret = Object.create(null); | ||
| var val; | ||
| function signedCookies (obj, secret) { | ||
| var cookies = Object.keys(obj) | ||
| var dec | ||
| var key | ||
| var ret = Object.create(null) | ||
| var val | ||
| for (var i = 0; i < cookies.length; i++) { | ||
| key = cookies[i]; | ||
| val = obj[key]; | ||
| dec = signedCookie(val, secret); | ||
| key = cookies[i] | ||
| val = obj[key] | ||
| dec = signedCookie(val, secret) | ||
| if (val !== dec) { | ||
| ret[key] = dec; | ||
| delete obj[key]; | ||
| ret[key] = dec | ||
| delete obj[key] | ||
| } | ||
| } | ||
| return ret; | ||
| return ret | ||
| } |
| { | ||
| "name": "cookie-parser", | ||
| "description": "cookie parsing with signatures", | ||
| "version": "1.4.3", | ||
| "description": "Parse HTTP request cookies", | ||
| "version": "1.4.4", | ||
| "author": "TJ Holowaychuk <tj@vision-media.ca> (http://tjholowaychuk.com)", | ||
@@ -20,5 +20,13 @@ "contributors": [ | ||
| "devDependencies": { | ||
| "istanbul": "0.4.3", | ||
| "mocha": "2.5.3", | ||
| "supertest": "1.1.0" | ||
| "deep-equal": "1.0.1", | ||
| "eslint": "5.13.0", | ||
| "eslint-config-standard": "12.0.0", | ||
| "eslint-plugin-import": "2.16.0", | ||
| "eslint-plugin-markdown": "1.0.0", | ||
| "eslint-plugin-node": "7.0.1", | ||
| "eslint-plugin-promise": "4.0.1", | ||
| "eslint-plugin-standard": "4.0.0", | ||
| "istanbul": "0.4.5", | ||
| "mocha": "5.2.0", | ||
| "supertest": "3.4.2" | ||
| }, | ||
@@ -34,2 +42,3 @@ "files": [ | ||
| "scripts": { | ||
| "lint": "eslint --plugin markdown --ext js,md .", | ||
| "test": "mocha --reporter spec --bail --check-leaks test/", | ||
@@ -36,0 +45,0 @@ "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot --check-leaks test/", |
| # cookie-parser | ||
| [![NPM Version][npm-image]][npm-url] | ||
| [![NPM Downloads][downloads-image]][downloads-url] | ||
| [![Node.js Version][node-version-image]][node-version-url] | ||
| [![NPM Version][npm-version-image]][npm-url] | ||
| [![NPM Downloads][npm-downloads-image]][npm-url] | ||
| [![Build Status][travis-image]][travis-url] | ||
@@ -22,3 +21,3 @@ [![Test Coverage][coveralls-image]][coveralls-url] | ||
| ```js | ||
| var express = require('express') | ||
| var express = require('express') | ||
| var cookieParser = require('cookie-parser') | ||
@@ -42,7 +41,7 @@ | ||
| Given an object, this will iterate over the keys and call `JSONCookie` on each value. This will return the same object passed in. | ||
| Given an object, this will iterate over the keys and call `JSONCookie` on each value, replacing the original value with the parsed value. This returns the same object that was passed in. | ||
| ### cookieParser.signedCookie(str, secret) | ||
| Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid, otherwise it will return the passed value. | ||
| Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid. If the value was not signed, the original value is returned. If the value was signed but the signature could not be validated, `false` is returned. | ||
@@ -60,3 +59,3 @@ The `secret` argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order. | ||
| ```js | ||
| var express = require('express') | ||
| var express = require('express') | ||
| var cookieParser = require('cookie-parser') | ||
@@ -67,4 +66,8 @@ | ||
| app.get('/', function(req, res) { | ||
| app.get('/', function (req, res) { | ||
| // Cookies that have not been signed | ||
| console.log('Cookies: ', req.cookies) | ||
| // Cookies that have been signed | ||
| console.log('Signed Cookies: ', req.signedCookies) | ||
| }) | ||
@@ -80,11 +83,8 @@ | ||
| [npm-image]: https://img.shields.io/npm/v/cookie-parser.svg | ||
| [coveralls-image]: https://badgen.net/coveralls/c/github/expressjs/cookie-parser/master | ||
| [coveralls-url]: https://coveralls.io/r/expressjs/cookie-parser?branch=master | ||
| [npm-downloads-image]: https://badgen.net/npm/dm/cookie-parser | ||
| [npm-url]: https://npmjs.org/package/cookie-parser | ||
| [node-version-image]: https://img.shields.io/node/v/cookie-parser.svg | ||
| [node-version-url]: https://nodejs.org/en/download | ||
| [travis-image]: https://img.shields.io/travis/expressjs/cookie-parser/master.svg | ||
| [npm-version-image]: https://badgen.net/npm/v/cookie-parser | ||
| [travis-image]: https://badgen.net/travis/expressjs/cookie-parser/master | ||
| [travis-url]: https://travis-ci.org/expressjs/cookie-parser | ||
| [coveralls-image]: https://img.shields.io/coveralls/expressjs/cookie-parser/master.svg | ||
| [coveralls-url]: https://coveralls.io/r/expressjs/cookie-parser?branch=master | ||
| [downloads-image]: https://img.shields.io/npm/dm/cookie-parser.svg | ||
| [downloads-url]: https://npmjs.org/package/cookie-parser |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.8%
11188
Worsened metrics
- Dev dependency count
- increased by266.67%
11
No dependency changes