egg-cookies - npm Package Compare versions

Comparing version 2.8.3 to 2.9.0

index.d.ts

@@ -8,2 +8,9 @@ /**
 declare namespace EggCookies {
+  interface DefaultCookieOptions {
+    /**
+     * Auto get and set `__Host` prefix cookie to adaptation CHIPS mode (The default value is false).
+     */
+    autoChips?: boolean;
+  }
+
   interface CookieGetOptions {
@@ -76,3 +83,3 @@ /**
 
-  constructor(ctx?: any, keys?: any);
+  constructor(ctx?: any, keys?: any, opts?: EggCookies.DefaultCookieOptions);
 
@@ -79,0 +86,0 @@ /**

lib/cookies.js

@@ -26,2 +26,3 @@ 'use strict';
     this._defaultCookieOptions = defaultCookieOptions;
+    this._autoChips = defaultCookieOptions && defaultCookieOptions.autoChips;
     this.ctx = ctx;
@@ -58,2 +59,11 @@ this.secure = this.ctx.secure;
     opts = opts || {};
+    let value = this._get(name, opts);
+    if (value === undefined && this._autoChips) {
+      // try to read __Host-${name} prefix cookie
+      value = this._get(this._formatChipsCookieName(name), opts);
+    }
+    return value;
+  }
+
+  _get(name, opts) {
     const signed = computeSigned(opts);
@@ -98,2 +108,6 @@
     opts = Object.assign({}, this._defaultCookieOptions, opts);
+    if (this._autoChips) {
+      opts.partitioned = false;
+      opts.removeUnpartitioned = false;
+    }
     const signed = computeSigned(opts);
@@ -122,2 +136,3 @@ value = value || '';
     let isSameSiteNone = false;
+    let autoChips = this._autoChips;
     if (opts.sameSite && typeof opts.sameSite === 'string' && opts.sameSite.toLowerCase() === 'none') {
@@ -131,6 +146,7 @@ isSameSiteNone = true;
     }
-    if (opts.partitioned) {
+    if (autoChips || opts.partitioned) {
       // allow to set partitioned: secure=true and sameSite=none and chrome >= 118
       if (!isSameSiteNone || opts.secure === false || !this.secure || (userAgent && !this.isPartitionedCompatible(userAgent))) {
         // Non-secure context or Incompatible clients, don't send partitioned property
+        autoChips = false;
         opts.partitioned = false;
@@ -161,2 +177,20 @@ }
       }
+    } else if (autoChips) {
+      // add __Host-${name} prefix cookie
+      const newCookieName = this._formatChipsCookieName(name);
+      const newCookieOpts = Object.assign({}, opts, {
+        partitioned: true,
+      });
+      const newPartitionedCookie = new Cookie(newCookieName, value, newCookieOpts);
+      // if user not set secure, reset secure to ctx.secure
+      if (opts.secure === undefined) newPartitionedCookie.attrs.secure = this.secure;
+
+      headers = pushCookie(headers, newPartitionedCookie);
+      // signed
+      if (signed) {
+        newPartitionedCookie.value = value && this.keys.sign(newPartitionedCookie.toString());
+        newPartitionedCookie.name += '.sig';
+        headers = ignoreCookiesByName(headers, newPartitionedCookie.name);
+        headers = pushCookie(headers, newPartitionedCookie);
+      }
     }
@@ -180,2 +214,6 @@
 
+  _formatChipsCookieName(name) {
+    return `__Host-${name}`;
+  }
+
   _parseChromiumAndMajorVersion(userAgent) {
@@ -182,0 +220,0 @@ if (!this[PARSED_UA]) {

package.json

 {
   "name": "egg-cookies",
-  "version": "2.8.3",
+  "version": "2.9.0",
   "description": "cookies module for egg",
@@ -5,0 +5,0 @@ "files": [

README.zh-CN.md

@@ -31,2 +31,10 @@ # egg-cookies
 
+### `defaultCookieOptions`
+
+全局默认配置：
+
+- autoChips - `Boolean` 是否开启 [CHIPS](https://developers.google.com/privacy-sandbox/3pcd/chips#security_design) 的自动适配方案，
+会自动给 Cookie 新增一个 `__Host` 为前缀的分区 Cookie，优先读取非分区 Cookie，读取失败则尝试读取 `__Host` 前缀的同名 Cookie 适配三方 Cookie 禁止逻辑。
+一旦配置 `autoChips=true`，那么会强制忽略 `partitioned`、`removeUnpartitioned` 参数。
+
 ## 设置 cookie
@@ -33,0 +41,0 @@

No alert changes

Improved metrics

Total package byte prevSize

30521

increased by7.54%

Lines of code

513

increased by8.69%

No dependency changes