egg-cookies - npm Package Compare versions

Comparing version 2.3.1 to 2.3.2

History.md

 
+2.3.2 / 2020-02-19
+==================
+
+**fixes**
+  * [[`c6e1e74`](http://github.com/eggjs/egg-cookies/commit/c6e1e74e77c53f68e79f0ebd799c755db470badd)] - fix: don't send SameSite=None on Chromium/Chrome < 80.x (#25) (fengmk2 <<fengmk2@gmail.com>>)
+
 2.3.1 / 2019-12-17
@@ -3,0 +9,0 @@ ==================

lib/cookies.js

@@ -5,3 +5,3 @@ 'use strict';
 const utility = require('utility');
-const isSameSiteNoneCompatible = require('should-send-same-site-none').isSameSiteNoneCompatible;
+const _isSameSiteNoneCompatible = require('should-send-same-site-none').isSameSiteNoneCompatible;
 const Keygrip = require('./keygrip');
@@ -118,3 +118,3 @@ const Cookie = require('./cookie');
       const userAgent = this.ctx.get('user-agent');
-      if (userAgent && !isSameSiteNoneCompatible(userAgent)) {
+      if (userAgent && !this.isSameSiteNoneCompatible(userAgent)) {
         // Incompatible clients, don't send SameSite=None property
@@ -142,4 +142,19 @@ opts.sameSite = false;
   }
+
+  isSameSiteNoneCompatible(userAgent) {
+    // Chrome >= 80.0.0.0
+    const result = parseChromiumAndMajorVersion(userAgent);
+    if (result.chromium) return result.majorVersion >= 80;
+    return _isSameSiteNoneCompatible(userAgent);
+  }
 }
 
+// https://github.com/linsight/should-send-same-site-none/blob/master/index.js#L86
+function parseChromiumAndMajorVersion(userAgent) {
+  const m = /Chrom[^ \/]+\/(\d+)[\.\d]* /.exec(userAgent);
+  if (!m) return { chromium: false, version: null };
+  // Extract digits from first capturing group.
+  return { chromium: true, majorVersion: parseInt(m[1]) };
+}
+
 const partternCache = new Map();
@@ -146,0 +161,0 @@ function getPattern(name) {

package.json

 {
   "name": "egg-cookies",
-  "version": "2.3.1",
+  "version": "2.3.2",
   "description": "cookies module for egg",
@@ -5,0 +5,0 @@ "files": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

22642

increased by3.9%

Lines of code

369

increased by3.65%

No dependency changes