Security News
The Push to Ban Ransom Payments Is Gaining Momentum
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
egg-cookies
Advanced tools
Changelog
2.7.0 (2023-08-04)
others
ebe330e
] - 🐛 FIX: Avoid ReDoS (#36) (fengmk2 <fengmk2@gmail.com>)features
7ed0ded
] - feat: deprecated crypto api (#35) (吖猩 <whxaxes@gmail.com>)features
7377d3b
] - feat: add CookieError (#31) (图南 <xzj15859722542@hotmail.com>)others
d27be06
] - 🤖 TEST: Run on node 18 (#34) (fengmk2 <fengmk2@gmail.com>)9e770ee
] - Create codeql-analysis.yml (fengmk2 <fengmk2@gmail.com>)eff0195
] - chore: update build status badge (#33) (XiaoRui <xiangwu619@gmail.com>)fixes
c8c42d3
] - fix: should only update .sig once (#32) (TZ | 天猪 <atian25@qq.com>)fixes
a72fd0c
] - fix: ignore maxAge = 0 (#29) (Yiyu He <dead_horse@qq.com>)fixes
7a87cc1
] - fix: ignore invalid maxage (#28) (Yiyu He <dead_horse@qq.com>)features
4417dda
] - feat: Send max-age
header as well as expires
if it is set(#27) (Junyan <yancoding@gmail.com>)fixes
a146191
] - fix(typings): value of set method should support null type (#21) (Jedmeng <roy.urey@gmail.com>)fixes
b3f86c0
] - fix(SameSite): don't send SameSite=None on non-secure context (#26) (Eric Zhang <hixyeric@gmail.com>)fixes
c6e1e74
] - fix: don't send SameSite=None on Chromium/Chrome < 80.x (#25) (fengmk2 <fengmk2@gmail.com>)fixes
d4f443a
] - fix: don't set samesite=none on incompatible clients (#23) (fengmk2 <fengmk2@gmail.com>)features
d5e3d21
] - feat: support SameSite=None (#18) (ziyunfei <446240525@qq.com>)4dd74d2
] - feat: allow set default cookie options on top level (#22) (fengmk2 <fengmk2@gmail.com>)others
57a005f
] - chore: add license decoration (#20) (刘放 <brizer@users.noreply.github.com>)fixes
64e93e9
] - fix: empty cookie value should ignore maxAge (#17) (fengmk2 <fengmk2@gmail.com>)fixes
d199238
] - fix: don't modify options (#9) (Roc Gao <ggjqzjgp103@qq.com>)others
1037873
] - chore: jsdoc typo (#6) (TZ | 天猪 <atian25@qq.com>)Readme
Extends pillarjs/cookies to adapt koa and egg with some additional features.
egg-cookies provide an alternative encrypt
mode like signed
. An encrypt cookie's value will be encrypted base on keys. Anyone who don't have the keys are unable to know the original cookie's value.
const Cookies = require('egg-cookies');
const cookies = new Cookies(ctx, keys[, defaultCookieOptions]);
cookies.set('foo', 'bar', { encrypt: true });
cookies.get('foo', { encrypt: true });
Note: you should both indicating in get and set in pairs.
Browsers all had some limitation in cookie's length, so if set a cookie with an extremely long value(> 4093), egg-cookies will emit an cookieLimitExceed
event. You can listen to this event and record.
const Cookies = require('egg-cookies');
const cookies = new Cookies(ctx, keys);
cookies.on('cookieLimitExceed', { name, value } => {
// log
});
cookies.set('foo', longText);
dead-horse | fengmk2 | atian25 | whxaxes | xyeric | jedmeng |
---|---|---|---|---|---|
Junyan | beliefgp | snapre | popomore | ziyunfei | brizer |
xuezier |
This project follows the git-contributor spec, auto updated at Mon Jun 20 2022 12:14:02 GMT+0800
.
FAQs
cookies module for egg
We found that egg-cookies demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
Application Security
New SEC disclosure rules aim to enforce timely cyber incident reporting, but fear of job loss and inadequate resources lead to significant underreporting.
Security News
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).