Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

cookiejar

Package Overview
Dependencies
Maintainers
1
Versions
20
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cookiejar - npm Package Compare versions

Comparing version 1.3.2 to 2.0.0

461

cookiejar.js

@@ -1,226 +0,259 @@

var CookieAccessInfo=exports.CookieAccessInfo=function CookieAccessInfo(domain,path,secure,script) {
if(this instanceof CookieAccessInfo) {
this.domain=domain||undefined;
this.path=path||"/";
this.secure=!!secure;
this.script=!!script;
return this;
(function () {
"use strict";
function CookieAccessInfo(domain, path, secure, script) {
if (this instanceof CookieAccessInfo) {
this.domain = domain || undefined;
this.path = path || "/";
this.secure = !!secure;
this.script = !!script;
return this;
}
return new CookieAccessInfo(domain, path, secure, script);
}
else {
return new CookieAccessInfo(domain,path,secure,script)
}
}
exports.CookieAccessInfo = CookieAccessInfo;
var Cookie=exports.Cookie=function Cookie(cookiestr) {
if(cookiestr instanceof Cookie) {
return cookiestr;
}
else {
if(this instanceof Cookie) {
this.name = null;
this.value = null;
this.expiration_date = Infinity;
this.path = "/";
this.domain = null;
this.secure = false; //how to define?
this.noscript = false; //httponly
if(cookiestr) {
try {
this.parse(cookiestr)
} catch(e) {}
}
return this;
function Cookie(cookiestr, request_domain, request_path) {
if (cookiestr instanceof Cookie) {
return cookiestr;
}
return new Cookie(cookiestr)
if (this instanceof Cookie) {
this.name = null;
this.value = null;
this.expiration_date = Infinity;
this.path = String(request_path || "/");
this.explicit_path = false;
this.domain = request_domain || null;
this.explicit_domain = false;
this.secure = false; //how to define default?
this.noscript = false; //httponly
if (cookiestr) {
this.parse(cookiestr, request_domain, request_path);
}
return this;
}
return new Cookie(cookiestr);
}
}
exports.Cookie = Cookie;
Cookie.prototype.toString = function toString() {
var str=[this.name+"="+this.value];
if(this.expiration_date !== Infinity) {
str.push("expires="+(new Date(this.expiration_date)).toGMTString());
}
if(this.domain) {
str.push("domain="+this.domain);
}
if(this.path) {
str.push("path="+this.path);
}
if(this.secure) {
str.push("secure");
}
if(this.noscript) {
str.push("httponly");
}
return str.join("; ");
}
Cookie.prototype.toString = function toString() {
var str = [this.name + "=" + this.value];
if (this.expiration_date !== Infinity) {
str.push("expires=" + (new Date(this.expiration_date)).toGMTString());
}
if (this.domain) {
str.push("domain=" + this.domain);
}
if (this.path) {
str.push("path=" + this.path);
}
if (this.secure) {
str.push("secure");
}
if (this.noscript) {
str.push("httponly");
}
return str.join("; ");
};
Cookie.prototype.toValueString = function toValueString() {
return this.name+"="+this.value;
}
Cookie.prototype.toValueString = function toValueString() {
return this.name + "=" + this.value;
};
var cookie_str_splitter=/[:](?=\s*[a-zA-Z0-9_\-]+\s*[=])/g
Cookie.prototype.parse = function parse(str) {
if(this instanceof Cookie) {
var parts=str.split(";").filter(function(value){return !!value})
, pair=parts[0].match(/([^=]+)=((?:.|\n)*)/)
, key=pair[1]
, value=pair[2];
this.name = key;
this.value = value;
for(var i=1;i<parts.length;i++) {
pair=parts[i].match(/([^=]+)(?:=((?:.|\n)*))?/)
, key=pair[1].trim().toLowerCase()
, value=pair[2];
switch(key) {
case "httponly":
this.noscript = true;
break;
case "expires":
this.expiration_date = value
? Number(Date.parse(value))
: Infinity;
break;
case "path":
this.path = value
? value.trim()
: "";
break;
case "domain":
this.domain = value
? value.trim()
: "";
break;
case "secure":
this.secure = true;
break
}
}
return this;
}
return new Cookie().parse(str)
}
var cookie_str_splitter = /[:](?=\s*[a-zA-Z0-9_\-]+\s*[=])/g;
Cookie.prototype.parse = function parse(str, request_domain, request_path) {
if (this instanceof Cookie) {
var parts = str.split(";").filter(function (value) {
return !!value;
}),
pair = parts[0].match(/([^=]+)=([\s\S]*)/),
key = pair[1],
value = pair[2],
i;
this.name = key;
this.value = value;
Cookie.prototype.matches = function matches(access_info) {
if(this.noscript && access_info.script
|| this.secure && !access_info.secure
|| !this.collidesWith(access_info)) {
return false
}
return true;
}
for (i = 1; i < parts.length; i += 1) {
pair = parts[i].match(/([^=]+)(?:=([\s\S]*))?/);
key = pair[1].trim().toLowerCase();
value = pair[2];
switch (key) {
case "httponly":
this.noscript = true;
break;
case "expires":
this.expiration_date = value ?
Number(Date.parse(value)) :
Infinity;
break;
case "path":
this.path = value ?
value.trim() :
"";
this.explicit_path = true;
break;
case "domain":
this.domain = value ?
value.trim() :
"";
this.explicit_domain = !!this.domain;
break;
case "secure":
this.secure = true;
break;
}
}
Cookie.prototype.collidesWith = function collidesWith(access_info) {
if((this.path && !access_info.path) || (this.domain && !access_info.domain)) {
return false
}
if(this.path && access_info.path.indexOf(this.path) !== 0) {
return false;
}
if (this.domain===access_info.domain) {
return true;
}
else if(this.domain && this.domain.charAt(0)===".")
{
var wildcard=access_info.domain.indexOf(this.domain.slice(1))
if(wildcard===-1 || wildcard!==access_info.domain.length-this.domain.length+1) {
return false;
}
}
else if(this.domain){
return false
}
return true;
}
if (!this.explicit_path) {
this.path = request_path || "/";
}
if (!this.explicit_domain) {
this.domain = request_domain;
}
var CookieJar=exports.CookieJar=function CookieJar() {
if(this instanceof CookieJar) {
var cookies = {} //name: [Cookie]
this.setCookie = function setCookie(cookie) {
cookie = Cookie(cookie);
//Delete the cookie if the set is past the current time
var remove = cookie.expiration_date <= Date.now();
if(cookie.name in cookies) {
var cookies_list = cookies[cookie.name];
for(var i=0;i<cookies_list.length;i++) {
var collidable_cookie = cookies_list[i];
if(collidable_cookie.collidesWith(cookie)) {
if(remove) {
cookies_list.splice(i,1);
if(cookies_list.length===0) {
delete cookies[cookie.name]
}
return false;
}
else {
return cookies_list[i]=cookie;
}
}
}
if(remove) {
return false;
}
cookies_list.push(cookie);
return cookie;
}
else if(remove){
return false;
}
else {
return cookies[cookie.name]=[cookie];
}
}
//returns a cookie
this.getCookie = function getCookie(cookie_name,access_info) {
var cookies_list = cookies[cookie_name];
if (!cookies_list) return;
for(var i=0;i<cookies_list.length;i++) {
var cookie = cookies_list[i];
if(cookie.expiration_date <= Date.now()) {
if(cookies_list.length===0) {
delete cookies[cookie.name]
}
continue;
}
if(cookie.matches(access_info)) {
return cookie;
}
}
}
//returns a list of cookies
this.getCookies = function getCookies(access_info) {
var matches=[];
for(var cookie_name in cookies) {
var cookie=this.getCookie(cookie_name,access_info);
if (cookie) {
matches.push(cookie);
}
}
matches.toString=function toString(){return matches.join(":");}
matches.toValueString=function() {return matches.map(function(c){return c.toValueString();}).join(';');}
return matches;
}
return this;
}
return new CookieJar()
}
return this;
}
return new Cookie().parse(str, request_domain, request_path);
};
Cookie.prototype.matches = function matches(access_info) {
if (this.noscript && access_info.script ||
this.secure && !access_info.secure ||
!this.collidesWith(access_info)) {
return false;
}
return true;
};
//returns list of cookies that were set correctly. Cookies that are expired and removed are not returned.
CookieJar.prototype.setCookies = function setCookies(cookies) {
cookies=Array.isArray(cookies)
?cookies
:cookies.split(cookie_str_splitter);
var successful=[]
for(var i=0;i<cookies.length;i++) {
var cookie = Cookie(cookies[i]);
if(this.setCookie(cookie)) {
successful.push(cookie);
}
}
return successful;
}
Cookie.prototype.collidesWith = function collidesWith(access_info) {
if ((this.path && !access_info.path) || (this.domain && !access_info.domain)) {
return false;
}
if (this.path && access_info.path.indexOf(this.path) !== 0) {
return false;
}
if (!this.explicit_path) {
if (this.path !== access_info.path) {
return false;
}
}
var access_domain = access_info.domain.replace(/^[\.]/,'');
var cookie_domain = this.domain && this.domain.replace(/^[\.]/,'');
if (cookie_domain === access_domain) {
return true;
}
if (cookie_domain) {
if (!this.explicit_domain) {
return false; // we already checked if the domains were exactly the same
}
var wildcard = access_domain.indexOf(cookie_domain);
if (wildcard === -1 || wildcard !== access_domain.length - cookie_domain.length) {
return false;
}
return true;
}
return true;
};
function CookieJar() {
var cookies, cookies_list, collidable_cookie;
if (this instanceof CookieJar) {
cookies = Object.create(null); //name: [Cookie]
this.setCookie = function setCookie(cookie, request_domain, request_path) {
var remove, i;
cookie = new Cookie(cookie, request_domain, request_path);
//Delete the cookie if the set is past the current time
remove = cookie.expiration_date <= Date.now();
if (cookies[cookie.name] !== undefined) {
cookies_list = cookies[cookie.name];
for (i = 0; i < cookies_list.length; i += 1) {
collidable_cookie = cookies_list[i];
if (collidable_cookie.collidesWith(cookie)) {
if (remove) {
cookies_list.splice(i, 1);
if (cookies_list.length === 0) {
delete cookies[cookie.name];
}
return false;
}
cookies_list[i] = cookie;
return cookie;
}
}
if (remove) {
return false;
}
cookies_list.push(cookie);
return cookie;
}
if (remove) {
return false;
}
cookies[cookie.name] = [cookie];
return cookies[cookie.name];
};
//returns a cookie
this.getCookie = function getCookie(cookie_name, access_info) {
var cookie, i;
cookies_list = cookies[cookie_name];
if (!cookies_list) {
return;
}
for (i = 0; i < cookies_list.length; i += 1) {
cookie = cookies_list[i];
if (cookie.expiration_date <= Date.now()) {
if (cookies_list.length === 0) {
delete cookies[cookie.name];
}
continue;
}
if (cookie.matches(access_info)) {
return cookie;
}
}
};
//returns a list of cookies
this.getCookies = function getCookies(access_info) {
var matches = [], cookie_name, cookie;
for (cookie_name in cookies) {
cookie = this.getCookie(cookie_name, access_info);
if (cookie) {
matches.push(cookie);
}
}
matches.toString = function toString() {
return matches.join(":");
};
matches.toValueString = function toValueString() {
return matches.map(function (c) {
return c.toValueString();
}).join(';');
};
return matches;
};
return this;
}
return new CookieJar();
}
exports.CookieJar = CookieJar;
//returns list of cookies that were set correctly. Cookies that are expired and removed are not returned.
CookieJar.prototype.setCookies = function setCookies(cookies, request_domain, request_path) {
cookies = Array.isArray(cookies) ?
cookies :
cookies.split(cookie_str_splitter);
var successful = [],
i,
cookie;
cookies = cookies.map(Cookie);
for (i = 0; i < cookies.length; i += 1) {
cookie = cookies[i];
if (this.setCookie(cookie, request_domain, request_path)) {
successful.push(cookie);
}
}
return successful;
};
}());

6

package.json
{
"name": "cookiejar",
"version": "1.3.2",
"version": "2.0.0",
"author": {

@@ -10,2 +10,6 @@ "name": "bradleymeck"

"license": "MIT",
"scripts": {
"prepublish": "jshint cookiejar.js && git tag $npm_package_version && git push origin master && git push origin --tags",
"test": "tests/test.js"
},
"repository": {

@@ -12,0 +16,0 @@ "type": "git",

24

readme.md

@@ -7,7 +7,8 @@ #CookieJar

###CookieAccessInfo(domain,path,secure,script)
###CookieAccessInfo(domain,path,secure,script)
class to determine matching qualities of a cookie
#####Properties
* String domain - domain to match

@@ -19,10 +20,18 @@ * String path - path to match

###Cookie(cookiestr_or_cookie)
###Cookie(cookiestr_or_cookie, request_domain, request_path)
turns input into a Cookie (singleton if given a Cookie)
the `request_domain` argument is used to default the domain if it is not explicit in the cookie string
the `request_path` argument is used to set the path if it is not explicit in a cookie String.
explicit domains/paths will cascade, implied domains/paths must *exactly* match (see http://en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Pat)
#####Properties
* String name - name of the cookie
* String value - string associated with the cookie
* String domain - domain to match (on a cookie a '.' at the start means a wildcard matching anything ending in the rest)
* Boolean explicit_domain - if the domain was explicitly set via the cookie string
* String path - base path to match (matches any path starting with this '/' is root)
* Boolean explicit_path - if the path was explicitly set via the cookie string
* Boolean noscript - if it should be kept from scripts

@@ -33,5 +42,6 @@ * Boolean secure - should it only be transmitted over secure means

#####Methods
* String toString() - the __set-cookie:__ string for this cookie
* String toValueString() - the __cookie:__ string for this cookie
* Cookie parse(cookiestr) - parses the string onto this cookie or a new one if called directly
* Cookie parse(cookiestr, request_domain, request_path) - parses the string onto this cookie or a new one if called directly
* Boolean matches(access_info) - returns true if the access_info allows retrieval of this cookie

@@ -42,8 +52,10 @@ * Boolean collidesWith(cookie) - returns true if the cookies cannot exist in the same space (domain and path match)

###CookieJar()
class to hold numerous cookies from multiple domains correctly
#####Methods
* Cookie setCookie(cookie) - add a cookie to the jar
* Cookie[] setCookies(cookiestr_or_list) - add a large number of cookies to the jar
* Cookie setCookie(cookie, request_domain, request_path) - add a cookie to the jar
* Cookie[] setCookies(cookiestr_or_list, request_domain, request_path) - add a large number of cookies to the jar
* Cookie getCookie(cookie_name,access_info) - get a cookie with the name and access_info matching
* Cookie[] getCookies(access_info) - grab all cookies matching this access_info
* Cookie[] getCookies(access_info) - grab all cookies matching this access_info

36

tests/test.js

@@ -1,5 +0,6 @@

var Cookie=require("../cookiejar")
, CookieAccessInfo = Cookie.CookieAccessInfo
, CookieJar = Cookie.CookieJar
, Cookie = Cookie.Cookie
#!/usr/bin/env node
var Cookie=require("../cookiejar"),
CookieAccessInfo = Cookie.CookieAccessInfo,
CookieJar = Cookie.CookieJar,
Cookie = Cookie.Cookie;

@@ -20,3 +21,6 @@ var assert = require('assert');

var cookie = new Cookie("a=1;path=/", ".test.com");
assert.equal(cookie.domain, ".test.com");
// Test CookieJar

@@ -33,3 +37,3 @@ var test_jar = CookieJar();

cookies=test_jar.getCookies(CookieAccessInfo("www.test.com","/"))
assert.equal(cookies.length, 1, "Wildcard domain fail\n" + cookies.toString());
assert.equal(cookies.length, 2, "Wildcard domain fail\n" + cookies.toString());

@@ -60,2 +64,22 @@ test_jar.setCookies("b=2;domain=test.com;path=/;expires=January 1, 1970");

assert.equal(cookie.path, "/");
assert.deepEqual(cookie, new Cookie("a=1;domain=.test.com;path=/"));
assert.deepEqual(cookie, new Cookie("a=1;domain=.test.com;path=/"));
// Test request_path and request_domain
test_jar.setCookie(new Cookie("sub=4;path=/", "test.com"));
var cookie = test_jar.getCookie("sub", CookieAccessInfo("sub.test.com", "/"));
assert.equal(cookie, undefined);
var cookie = test_jar.getCookie("sub", CookieAccessInfo("test.com", "/"));
assert.equal(cookie.name, "sub");
assert.equal(cookie.domain, "test.com");
test_jar.setCookie(new Cookie("sub=4;", "test.com", "/accounts"));
var cookie = test_jar.getCookie("sub", CookieAccessInfo("test.com", "/"));
assert.equal(cookie, undefined);
var cookie = test_jar.getCookie("sub", CookieAccessInfo("test.com", "/accounts"));
assert.equal(cookie.path, "/accounts");
test_jar.setCookie(new Cookie("sub=5;path=/", "test.com", "/accounts"));
var cookies = test_jar.getCookies(CookieAccessInfo("test.com"));
assert.equal(cookies.length, 3);
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc