cookies
Advanced tools
Comparing version 0.4.1 to 0.5.0
@@ -0,5 +1,56 @@ | ||
| 0.5.0 / 2014-07-27 | ||
| ================== | ||
| * Integrate with `req.protocol` for secure cookies | ||
| * Support `maxAge` as well as `maxage` | ||
| 0.4.1 / 2014-05-07 | ||
| ================== | ||
| * Update package for repo move | ||
| 0.4.0 / 2014-01-31 | ||
| ================== | ||
| * added: allow passing an array of strings as keys | ||
| * Allow passing an array of strings as keys | ||
| 0.3.8-0.2.0 | ||
| =========== | ||
| * TODO: write down history for these releases | ||
| 0.1.6 / 2011-03-01 | ||
| ================== | ||
| * SSL cookies secure by default | ||
| * Use httpOnly by default unless explicitly false | ||
| 0.1.5 / 2011-02-26 | ||
| ================== | ||
| * Delete sig cookie if signed cookie is deleted | ||
| 0.1.4 / 2011-02-26 | ||
| ================== | ||
| * Always set path | ||
| 0.1.3 / 2011-02-26 | ||
| ================== | ||
| * Add sensible defaults for path | ||
| 0.1.2 / 2011-02-26 | ||
| ================== | ||
| * Inherit cookie properties to signature cookie | ||
| 0.1.1 / 2011-02-25 | ||
| ================== | ||
| * Readme updates | ||
| 0.1.0 / 2011-02-25 | ||
| ================== | ||
| * Initial release |
@@ -54,3 +54,3 @@ var Keygrip = require('keygrip') | ||
| , headers = res.getHeader("Set-Cookie") || [] | ||
| , secure = req.connection.encrypted | ||
| , secure = req.protocol === 'https' || req.connection.encrypted | ||
| , cookie = new Cookie(name, value, opts) | ||
@@ -61,3 +61,5 @@ , signed = opts && opts.signed !== undefined ? opts.signed : !!this.keys | ||
| if (!secure && opts && opts.secure) throw new Error("Cannot send secure cookie over unencrypted socket") | ||
| if (!secure && opts && opts.secure) { | ||
| throw new Error('Cannot send secure cookie over unencrypted connection') | ||
| } | ||
@@ -106,3 +108,3 @@ cookie.secure = secure | ||
| if (this.maxage) this.expires = new Date(Date.now() + this.maxage); | ||
| if (this.maxAge) this.expires = new Date(Date.now() + this.maxAge); | ||
@@ -119,2 +121,10 @@ if (this.path ) header += "; path=" + this.path | ||
| // back-compat so maxage mirrors maxAge | ||
| Object.defineProperty(Cookie.prototype, 'maxage', { | ||
| configurable: true, | ||
| enumerable: true, | ||
| get: function () { return this.maxAge }, | ||
| set: function (val) { return this.maxAge = val } | ||
| }); | ||
| function getPattern(name) { | ||
@@ -121,0 +131,0 @@ if (cache[name]) return cache[name] |
| { | ||
| "name": "cookies", | ||
| "version": "0.4.1", | ||
| "version": "0.5.0", | ||
| "description": "Cookies, optionally signed using Keygrip.", | ||
@@ -11,23 +11,15 @@ "main": "./lib/cookies", | ||
| "express": "*", | ||
| "restify": "*" | ||
| "restify": "*", | ||
| "supertest": "0", | ||
| "mocha": "1" | ||
| }, | ||
| "licenses": [ | ||
| { | ||
| "type": "MIT", | ||
| "url": "https://raw.github.com/expressjs/cookies/master/LICENSE.txt" | ||
| } | ||
| ], | ||
| "engines": { | ||
| "node": ">= 0.6.0" | ||
| "node": ">= 0.8.0" | ||
| }, | ||
| "license": "MIT", | ||
| "author": "Jed Schmidt <tr@nslator.jp> (http://jed.is)", | ||
| "homepage": "https://github.com/expressjs/cookies", | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git://github.com/expressjs/cookies.git" | ||
| }, | ||
| "repository": "expressjs/cookies", | ||
| "scripts": { | ||
| "test": "node ./test/http.js && node ./test/express.js && node ./test/restify.js" | ||
| }, | ||
| "optionalDependencies": {} | ||
| "test": "mocha --reporter spec" | ||
| } | ||
| } |
| Cookies | ||
| ======= | ||
| [](http://travis-ci.org/expressjs/cookies) | ||
| [](https://badge.fury.io/js/cookies) | ||
| [](https://travis-ci.org/expressjs/cookies) | ||
@@ -58,3 +59,3 @@ Cookies is a [node.js](http://nodejs.org/) module for getting and setting HTTP(S) cookies. Cookies can be signed to prevent tampering, using [Keygrip](https://github.com/expressjs/keygrip). It can be used with the built-in node.js HTTP library, or as Connect/Express middleware. | ||
| * `maxage`: a number representing the milliseconds from `Date.now()` for expiry | ||
| * `maxAge`: a number representing the milliseconds from `Date.now()` for expiry | ||
| * `expires`: a `Date` object indicating the cookie's expiration date (expires at the end of session by default). | ||
@@ -61,0 +62,0 @@ * `path`: a string indicating the path of the cookie (`/` by default). |
Sorry, the diff of this file is not supported yet
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Improved metrics
- Number of lines in readme file
- increased by0.83%
122
- Number of medium supply chain risk alerts
- decreased by-40%
3
Worsened metrics
- Total package byte prevSize
- decreased by-33.18%
13629
- Dev dependency count
- increased by100%
4
- Number of package files
- decreased by-40%
6
- Lines of code
- decreased by-59.06%
122
- Number of low quality alerts
- increased by100%
2
- Number of low supply chain risk alerts
- increased byInfinity%
1