node-cookie - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

package.json

 {
   "name": "node-cookie",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "sign, encrypt and parse http cookies",
@@ -5,0 +5,0 @@ "main": "index.js",

src/Cookie/index.js

@@ -161,3 +161,3 @@ 'use strict'
   const cookie = parser.serialize(key, String(cookieValue), options)
-  Cookie._append(req, res, cookie)
+  Cookie._append(req, res, key, cookie)
 }
@@ -171,2 +171,3 @@
  * @param  {Object} res
+ * @param  {String} key
  * @param  {Array} cookie
@@ -176,12 +177,4 @@ * @return {void}
  */
-Cookie._append = function (req, res, cookie) {
+Cookie._append = function (req, res, key, cookie) {
   /**
-   * reading exisiting request cookies on request
-   * object
-   * @type {Array}
-   */
-  let requestCookies = req.headers['cookie'] || []
-  requestCookies = typeof (requestCookies) === 'object' ? requestCookies : [requestCookies]
-
-  /**
    * reading existing cookies on response header, they will
@@ -199,3 +192,6 @@ * exist when cookie.create has been called multiple
    */
-  const cookiesArray = existingCookies.concat(requestCookies).concat([cookie])
+  const cookiesArray = existingCookies.filter(function (value) {
+    return value.indexOf(`${key}=`) !== 0
+  })
+  cookiesArray.push(cookie)
   res.setHeader('Set-Cookie', cookiesArray)
@@ -202,0 +198,0 @@ }

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

9487

-1.47%

Lines of code

199

-1.49%

Number of medium supply chain risk alerts

1

Infinity%

No dependency changes