UNPKG

litejs

Version:

Single-page application framework

github.com/litejs/litejs

litejs/litejs

78 lines (65 loc) 2.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
var log = require("../lib/log")("app:cookie") , valueEsc = /[^!#-~]|[%,;\\]/g exports.get = getCookie exports.set = setCookie exports.escape = escapeCookie function getCookie(name, opts) { if (typeof name === "object") { opts = name name = opts.name } else { opts = opts || {} } var req = this , junks = ("; " + req.headers.cookie).split("; " + name + "=") if (junks.length > 2) { ;(opts.path || "").split("/").map(function(val, key, arr) { var path = arr.slice(0, key+1).join("/") , domain = opts.domain req.res.cookie(name, "", {ttl: -1, path: path}) if (domain) { req.res.cookie(name, "", {ttl: -1, path: path, domain: domain}) if (domain !== (domain = domain.replace(/^[^.]+/, "*"))) { req.res.cookie(name, "", {ttl: -1, path: path, domain: domain}) } } }) log.warn("Cookie fixation detected: %s", req.headers.cookie) return } try { return decodeURIComponent((junks[1] || "").split(";")[0]) } catch(e) { log.warn("Invalid cookie '%s' in: %s", name, req.headers.cookie) } } function setCookie(name, value, opts) { var res = this , existing = (res._headers || setCookie)["set-cookie"] , cookie = ( typeof name === "object" ? (opts = name).name : name ) + "=" + escapeCookie(value) if (opts) { cookie += // Max-Age=1 - Number of seconds until the cookie expires. // ie8 do not support max-age. // if both (Expires and Max-Age) are set, Max-Age will have precedence. (opts.ttl ? "; Expires=" + new Date(opts.ttl > 0 ? Date.now() + (opts.ttl*1000) : 0).toUTCString() : "") + (opts.path ? "; Path=" + opts.path : "") + (opts.domain ? "; Domain=" + opts.domain : "") + (opts.secure ? "; Secure" : "") + (opts.httpOnly ? "; HttpOnly" : "") + (opts.sameSite ? "; SameSite=" + opts.sameSite : "") } if (!Array.isArray(existing)) { res.setHeader("Set-Cookie", ( existing === void 0 ? cookie : [existing, cookie] )) } else { existing.push(cookie) } log.debug("Set-Cookie: %s", cookie) } function escapeCookie(value) { return typeof value === "string" ? value.replace(valueEsc, encodeURIComponent) : "" }