@eggjs/cookies 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +58 -0
  3. package/README.zh-CN.md +76 -0
  4. package/dist/commonjs/cookie.d.ts +62 -0
  5. package/dist/commonjs/cookie.js +101 -0
  6. package/dist/commonjs/cookies.d.ts +43 -0
  7. package/dist/commonjs/cookies.js +271 -0
  8. package/dist/commonjs/error.d.ts +3 -0
  9. package/dist/commonjs/error.js +11 -0
  10. package/dist/commonjs/index.d.ts +4 -0
  11. package/dist/commonjs/index.js +21 -0
  12. package/dist/commonjs/keygrip.d.ts +11 -0
  13. package/dist/commonjs/keygrip.js +120 -0
  14. package/dist/commonjs/package.json +3 -0
  15. package/dist/esm/cookie.d.ts +62 -0
  16. package/dist/esm/cookie.js +94 -0
  17. package/dist/esm/cookies.d.ts +43 -0
  18. package/dist/esm/cookies.js +264 -0
  19. package/dist/esm/error.d.ts +3 -0
  20. package/dist/esm/error.js +7 -0
  21. package/dist/esm/index.d.ts +4 -0
  22. package/dist/esm/index.js +5 -0
  23. package/dist/esm/keygrip.d.ts +11 -0
  24. package/dist/esm/keygrip.js +113 -0
  25. package/dist/esm/package.json +3 -0
  26. package/package.json +72 -0
  27. package/src/cookie.ts +160 -0
  28. package/src/cookies.ts +311 -0
  29. package/src/error.ts +6 -0
  30. package/src/index.ts +4 -0
  31. package/src/keygrip.ts +129 -0
package/dist/esm/cookies.js ADDED
@@ -0,0 +1,264 @@
1
+ import assert from 'node:assert';
2
+ import { base64decode, base64encode } from 'utility';
3
+ import { isSameSiteNoneCompatible } from 'should-send-same-site-none';
4
+ import { Keygrip } from './keygrip.js';
5
+ import { Cookie } from './cookie.js';
6
+ import { CookieError } from './error.js';
7
+ const keyCache = new Map();
8
+ /**
9
+ * cookies for egg
10
+ * extend pillarjs/cookies, add encrypt and decrypt
11
+ */
12
+ export class Cookies {
13
+ #keysArray;
14
+ #keys;
15
+ #defaultCookieOptions;
16
+ #autoChips;
17
+ ctx;
18
+ app;
19
+ secure;
20
+ #parseChromiumResult;
21
+ constructor(ctx, keys, defaultCookieOptions) {
22
+ this.#keysArray = keys;
23
+ // default cookie options
24
+ this.#defaultCookieOptions = defaultCookieOptions;
25
+ this.#autoChips = defaultCookieOptions?.autoChips;
26
+ this.ctx = ctx;
27
+ this.secure = this.ctx.secure;
28
+ this.app = ctx.app;
29
+ }
30
+ get keys() {
31
+ if (!this.#keys) {
32
+ assert(Array.isArray(this.#keysArray), '.keys required for encrypt/sign cookies');
33
+ const cache = keyCache.get(this.#keysArray);
34
+ if (cache) {
35
+ this.#keys = cache;
36
+ }
37
+ else {
38
+ this.#keys = new Keygrip(this.#keysArray);
39
+ keyCache.set(this.#keysArray, this.#keys);
40
+ }
41
+ }
42
+ return this.#keys;
43
+ }
44
+ /**
45
+ * get cookie value by name
46
+ * @param {String} name - cookie's name
47
+ * @param {Object} opts - cookies' options
48
+ * - {Boolean} signed - default to true
49
+ * - {Boolean} encrypt - default to false
50
+ * @return {String} value - cookie's value
51
+ */
52
+ get(name, opts = {}) {
53
+ let value = this._get(name, opts);
54
+ if (value === undefined && this.#autoChips) {
55
+ // try to read _CHIPS-${name} prefix cookie
56
+ value = this._get(this.#formatChipsCookieName(name), opts);
57
+ }
58
+ return value;
59
+ }
60
+ _get(name, opts) {
61
+ const signed = computeSigned(opts);
62
+ const header = this.ctx.get('cookie');
63
+ if (!header)
64
+ return;
65
+ const match = header.match(getPattern(name));
66
+ if (!match)
67
+ return;
68
+ let value = match[1];
69
+ if (!opts.encrypt && !signed)
70
+ return value;
71
+ // signed
72
+ if (signed) {
73
+ const sigName = name + '.sig';
74
+ const sigValue = this.get(sigName, { signed: false });
75
+ if (!sigValue)
76
+ return;
77
+ const raw = name + '=' + value;
78
+ const index = this.keys.verify(raw, sigValue);
79
+ if (index < 0) {
80
+ // can not match any key, remove ${name}.sig
81
+ this.set(sigName, null, { path: '/', signed: false, overwrite: true });
82
+ return;
83
+ }
84
+ if (index > 0) {
85
+ // not signed by the first key, update sigValue
86
+ this.set(sigName, this.keys.sign(raw), { signed: false, overwrite: true });
87
+ }
88
+ return value;
89
+ }
90
+ // encrypt
91
+ value = base64decode(value, true, 'buffer');
92
+ const res = this.keys.decrypt(value);
93
+ return res ? res.value.toString() : undefined;
94
+ }
95
+ set(name, value, opts) {
96
+ opts = {
97
+ ...this.#defaultCookieOptions,
98
+ ...opts,
99
+ };
100
+ const signed = computeSigned(opts);
101
+ value = value || '';
102
+ if (!this.secure && opts.secure) {
103
+ throw new CookieError('Cannot send secure cookie over unencrypted connection');
104
+ }
105
+ let headers = this.ctx.response.get('set-cookie') || [];
106
+ if (!Array.isArray(headers)) {
107
+ headers = [headers];
108
+ }
109
+ // encrypt
110
+ if (opts.encrypt) {
111
+ value = value && base64encode(this.keys.encrypt(value), true);
112
+ }
113
+ // http://browsercookielimits.squawky.net/
114
+ if (value.length > 4093) {
115
+ this.app.emit('cookieLimitExceed', { name, value, ctx: this.ctx });
116
+ }
117
+ // https://github.com/linsight/should-send-same-site-none
118
+ // fixed SameSite=None: Known Incompatible Clients
119
+ const userAgent = this.ctx.get('user-agent');
120
+ let isSameSiteNone = false;
121
+ // disable autoChips if partitioned enable
122
+ let autoChips = !opts.partitioned && this.#autoChips;
123
+ if (opts.sameSite && typeof opts.sameSite === 'string' && opts.sameSite.toLowerCase() === 'none') {
124
+ isSameSiteNone = true;
125
+ if (opts.secure === false || !this.secure || (userAgent && !this.isSameSiteNoneCompatible(userAgent))) {
126
+ // Non-secure context or Incompatible clients, don't send SameSite=None property
127
+ opts.sameSite = false;
128
+ isSameSiteNone = false;
129
+ }
130
+ }
131
+ if (autoChips || opts.partitioned) {
132
+ // allow to set partitioned: secure=true and sameSite=none and chrome >= 118
133
+ if (!isSameSiteNone || opts.secure === false || !this.secure || (userAgent && !this.isPartitionedCompatible(userAgent))) {
134
+ // Non-secure context or Incompatible clients, don't send partitioned property
135
+ autoChips = false;
136
+ opts.partitioned = false;
137
+ }
138
+ }
139
+ // remove unpartitioned same name cookie first
140
+ if (opts.partitioned && opts.removeUnpartitioned) {
141
+ const overwrite = opts.overwrite;
142
+ if (overwrite) {
143
+ opts.overwrite = false;
144
+ headers = ignoreCookiesByName(headers, name);
145
+ }
146
+ const removeCookieOpts = Object.assign({}, opts, {
147
+ partitioned: false,
148
+ });
149
+ const removeUnpartitionedCookie = new Cookie(name, '', removeCookieOpts);
150
+ // if user not set secure, reset secure to ctx.secure
151
+ if (opts.secure === undefined) {
152
+ removeUnpartitionedCookie.attrs.secure = this.secure;
153
+ }
154
+ headers = pushCookie(headers, removeUnpartitionedCookie);
155
+ // signed
156
+ if (signed) {
157
+ removeUnpartitionedCookie.name += '.sig';
158
+ headers = ignoreCookiesByName(headers, removeUnpartitionedCookie.name);
159
+ headers = pushCookie(headers, removeUnpartitionedCookie);
160
+ }
161
+ }
162
+ else if (autoChips) {
163
+ // add _CHIPS-${name} prefix cookie
164
+ const newCookieName = this.#formatChipsCookieName(name);
165
+ const newCookieOpts = {
166
+ ...opts,
167
+ partitioned: true,
168
+ };
169
+ const newPartitionedCookie = new Cookie(newCookieName, value, newCookieOpts);
170
+ // if user not set secure, reset secure to ctx.secure
171
+ if (opts.secure === undefined)
172
+ newPartitionedCookie.attrs.secure = this.secure;
173
+ headers = pushCookie(headers, newPartitionedCookie);
174
+ // signed
175
+ if (signed) {
176
+ newPartitionedCookie.value = value && this.keys.sign(newPartitionedCookie.toString());
177
+ newPartitionedCookie.name += '.sig';
178
+ headers = ignoreCookiesByName(headers, newPartitionedCookie.name);
179
+ headers = pushCookie(headers, newPartitionedCookie);
180
+ }
181
+ }
182
+ const cookie = new Cookie(name, value, opts);
183
+ // if user not set secure, reset secure to ctx.secure
184
+ if (opts.secure === undefined) {
185
+ cookie.attrs.secure = this.secure;
186
+ }
187
+ headers = pushCookie(headers, cookie);
188
+ // signed
189
+ if (signed) {
190
+ cookie.value = value && this.keys.sign(cookie.toString());
191
+ cookie.name += '.sig';
192
+ headers = pushCookie(headers, cookie);
193
+ }
194
+ this.ctx.set('set-cookie', headers);
195
+ return this;
196
+ }
197
+ #formatChipsCookieName(name) {
198
+ return `_CHIPS-${name}`;
199
+ }
200
+ #parseChromiumAndMajorVersion(userAgent) {
201
+ if (!this.#parseChromiumResult) {
202
+ this.#parseChromiumResult = parseChromiumAndMajorVersion(userAgent);
203
+ }
204
+ return this.#parseChromiumResult;
205
+ }
206
+ isSameSiteNoneCompatible(userAgent) {
207
+ // Chrome >= 80.0.0.0
208
+ const result = this.#parseChromiumAndMajorVersion(userAgent);
209
+ if (result.chromium) {
210
+ return result.majorVersion >= 80;
211
+ }
212
+ return isSameSiteNoneCompatible(userAgent);
213
+ }
214
+ isPartitionedCompatible(userAgent) {
215
+ // support: Chrome >= 114.0.0.0
216
+ // default enable: Chrome >= 118.0.0.0
217
+ // https://developers.google.com/privacy-sandbox/3pcd/chips
218
+ const result = this.#parseChromiumAndMajorVersion(userAgent);
219
+ if (result.chromium) {
220
+ return result.majorVersion >= 118;
221
+ }
222
+ return false;
223
+ }
224
+ }
225
+ // https://github.com/linsight/should-send-same-site-none/blob/master/index.js#L86
226
+ function parseChromiumAndMajorVersion(userAgent) {
227
+ const m = /Chrom[^ /]{1,100}\/(\d{1,100}?)\./.exec(userAgent);
228
+ if (!m) {
229
+ return { chromium: false, majorVersion: 0 };
230
+ }
231
+ // Extract digits from first capturing group.
232
+ return { chromium: true, majorVersion: parseInt(m[1]) };
233
+ }
234
+ const _patternCache = new Map();
235
+ function getPattern(name) {
236
+ const cache = _patternCache.get(name);
237
+ if (cache) {
238
+ return cache;
239
+ }
240
+ const reg = new RegExp('(?:^|;) *' +
241
+ name.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&') +
242
+ '=([^;]*)');
243
+ _patternCache.set(name, reg);
244
+ return reg;
245
+ }
246
+ function computeSigned(opts) {
247
+ // encrypt default to false, signed default to true.
248
+ // disable singed when encrypt is true.
249
+ if (opts.encrypt)
250
+ return false;
251
+ return opts.signed !== false;
252
+ }
253
+ function pushCookie(cookies, cookie) {
254
+ if (cookie.attrs.overwrite) {
255
+ cookies = ignoreCookiesByName(cookies, cookie.name);
256
+ }
257
+ cookies.push(cookie.toHeader());
258
+ return cookies;
259
+ }
260
+ function ignoreCookiesByName(cookies, name) {
261
+ const prefix = `${name}=`;
262
+ return cookies.filter(c => !c.startsWith(prefix));
263
+ }
264
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29va2llcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9jb29raWVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sTUFBTSxNQUFNLGFBQWEsQ0FBQztBQUNqQyxPQUFPLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxNQUFNLFNBQVMsQ0FBQztBQUNyRCxPQUFPLEVBQUUsd0JBQXdCLEVBQUUsTUFBTSw0QkFBNEIsQ0FBQztBQUN0RSxPQUFPLEVBQUUsT0FBTyxFQUFFLE1BQU0sY0FBYyxDQUFDO0FBQ3ZDLE9BQU8sRUFBRSxNQUFNLEVBQW9CLE1BQU0sYUFBYSxDQUFDO0FBQ3ZELE9BQU8sRUFBRSxXQUFXLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFFekMsTUFBTSxRQUFRLEdBQUcsSUFBSSxHQUFHLEVBQXFCLENBQUM7QUFvQjlDOzs7R0FHRztBQUNILE1BQU0sT0FBTyxPQUFPO0lBQ1QsVUFBVSxDQUFXO0lBQzlCLEtBQUssQ0FBVTtJQUNOLHFCQUFxQixDQUF3QjtJQUM3QyxVQUFVLENBQVc7SUFDckIsR0FBRyxDQUFzQjtJQUN6QixHQUFHLENBQXNCO0lBQ3pCLE1BQU0sQ0FBVTtJQUN6QixvQkFBb0IsQ0FBdUI7SUFFM0MsWUFBWSxHQUF3QixFQUFFLElBQWMsRUFBRSxvQkFBMkM7UUFDL0YsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUM7UUFDdkIseUJBQXlCO1FBQ3pCLElBQUksQ0FBQyxxQkFBcUIsR0FBRyxvQkFBb0IsQ0FBQztRQUNsRCxJQUFJLENBQUMsVUFBVSxHQUFHLG9CQUFvQixFQUFFLFNBQVMsQ0FBQztRQUNsRCxJQUFJLENBQUMsR0FBRyxHQUFHLEdBQUcsQ0FBQztRQUNmLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUM7UUFDOUIsSUFBSSxDQUFDLEdBQUcsR0FBRyxHQUFHLENBQUMsR0FBRyxDQUFDO0lBQ3JCLENBQUM7SUFFRCxJQUFJLElBQUk7UUFDTixJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxDQUFDO1lBQ2hCLE1BQU0sQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsRUFBRSx5Q0FBeUMsQ0FBQyxDQUFDO1lBQ2xGLE1BQU0sS0FBSyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1lBQzVDLElBQUksS0FBSyxFQUFFLENBQUM7Z0JBQ1YsSUFBSSxDQUFDLEtBQUssR0FBRyxLQUFLLENBQUM7WUFDckIsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLElBQUksQ0FBQyxLQUFLLEdBQUcsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO2dCQUMxQyxRQUFRLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDO1lBQzVDLENBQUM7UUFDSCxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDO0lBQ3BCLENBQUM7SUFFRDs7Ozs7OztPQU9HO0lBQ0gsR0FBRyxDQUFDLElBQVksRUFBRSxPQUF5QixFQUFFO1FBQzNDLElBQUksS0FBSyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDO1FBQ2xDLElBQUksS0FBSyxLQUFLLFNBQVMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDM0MsMkNBQTJDO1lBQzNDLEtBQUssR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxzQkFBc0IsQ0FBQyxJQUFJLENBQUMsRUFBRSxJQUFJLENBQUMsQ0FBQztRQUM3RCxDQUFDO1FBQ0QsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRUQsSUFBSSxDQUFDLElBQVksRUFBRSxJQUFzQjtRQUN2QyxNQUFNLE1BQU0sR0FBRyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDbkMsTUFBTSxNQUFNLEdBQVcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDOUMsSUFBSSxDQUFDLE1BQU07WUFBRSxPQUFPO1FBRXBCLE1BQU0sS0FBSyxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7UUFDN0MsSUFBSSxDQUFDLEtBQUs7WUFBRSxPQUFPO1FBRW5CLElBQUksS0FBSyxHQUFHLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUNyQixJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sSUFBSSxDQUFDLE1BQU07WUFBRSxPQUFPLEtBQUssQ0FBQztRQUUzQyxTQUFTO1FBQ1QsSUFBSSxNQUFNLEVBQUUsQ0FBQztZQUNYLE1BQU0sT0FBTyxHQUFHLElBQUksR0FBRyxNQUFNLENBQUM7WUFDOUIsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsRUFBRSxNQUFNLEVBQUUsS0FBSyxFQUFFLENBQUMsQ0FBQztZQUN0RCxJQUFJLENBQUMsUUFBUTtnQkFBRSxPQUFPO1lBRXRCLE1BQU0sR0FBRyxHQUFHLElBQUksR0FBRyxHQUFHLEdBQUcsS0FBSyxDQUFDO1lBQy9CLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEdBQUcsRUFBRSxRQUFRLENBQUMsQ0FBQztZQUM5QyxJQUFJLEtBQUssR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDZCw0Q0FBNEM7Z0JBQzVDLElBQUksQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLElBQUksRUFBRSxFQUFFLElBQUksRUFBRSxHQUFHLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztnQkFDdkUsT0FBTztZQUNULENBQUM7WUFDRCxJQUFJLEtBQUssR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDZCwrQ0FBK0M7Z0JBQy9DLElBQUksQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxTQUFTLEVBQUUsSUFBSSxFQUFFLENBQUMsQ0FBQztZQUM3RSxDQUFDO1lBQ0QsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsVUFBVTtRQUNWLEtBQUssR0FBRyxZQUFZLENBQUMsS0FBSyxFQUFFLElBQUksRUFBRSxRQUFRLENBQVcsQ0FBQztRQUN0RCxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNyQyxPQUFPLEdBQUcsQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDO0lBQ2hELENBQUM7SUFFRCxHQUFHLENBQUMsSUFBWSxFQUFFLEtBQW9CLEVBQUUsSUFBdUI7UUFDN0QsSUFBSSxHQUFHO1lBQ0wsR0FBRyxJQUFJLENBQUMscUJBQXFCO1lBQzdCLEdBQUcsSUFBSTtTQUNSLENBQUM7UUFDRixNQUFNLE1BQU0sR0FBRyxhQUFhLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDbkMsS0FBSyxHQUFHLEtBQUssSUFBSSxFQUFFLENBQUM7UUFDcEIsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLElBQUksSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQ2hDLE1BQU0sSUFBSSxXQUFXLENBQUMsdURBQXVELENBQUMsQ0FBQztRQUNqRixDQUFDO1FBRUQsSUFBSSxPQUFPLEdBQWEsSUFBSSxDQUFDLEdBQUcsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNsRSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1lBQzVCLE9BQU8sR0FBRyxDQUFFLE9BQU8sQ0FBRSxDQUFDO1FBQ3hCLENBQUM7UUFFRCxVQUFVO1FBQ1YsSUFBSSxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDakIsS0FBSyxHQUFHLEtBQUssSUFBSSxZQUFZLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFDaEUsQ0FBQztRQUVELDBDQUEwQztRQUMxQyxJQUFJLEtBQUssQ0FBQyxNQUFNLEdBQUcsSUFBSSxFQUFFLENBQUM7WUFDeEIsSUFBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLEVBQUUsRUFBRSxJQUFJLEVBQUUsS0FBSyxFQUFFLEdBQUcsRUFBRSxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQztRQUNyRSxDQUFDO1FBRUQseURBQXlEO1FBQ3pELGtEQUFrRDtRQUNsRCxNQUFNLFNBQVMsR0FBdUIsSUFBSSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDakUsSUFBSSxjQUFjLEdBQUcsS0FBSyxDQUFDO1FBQzNCLDBDQUEwQztRQUMxQyxJQUFJLFNBQVMsR0FBRyxDQUFDLElBQUksQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQztRQUNyRCxJQUFJLElBQUksQ0FBQyxRQUFRLElBQUksT0FBTyxJQUFJLENBQUMsUUFBUSxLQUFLLFFBQVEsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLFdBQVcsRUFBRSxLQUFLLE1BQU0sRUFBRSxDQUFDO1lBQ2pHLGNBQWMsR0FBRyxJQUFJLENBQUM7WUFDdEIsSUFBSSxJQUFJLENBQUMsTUFBTSxLQUFLLEtBQUssSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNLElBQUksQ0FBQyxTQUFTLElBQUksQ0FBQyxJQUFJLENBQUMsd0JBQXdCLENBQUMsU0FBUyxDQUFDLENBQUMsRUFBRSxDQUFDO2dCQUN0RyxnRkFBZ0Y7Z0JBQ2hGLElBQUksQ0FBQyxRQUFRLEdBQUcsS0FBSyxDQUFDO2dCQUN0QixjQUFjLEdBQUcsS0FBSyxDQUFDO1lBQ3pCLENBQUM7UUFDSCxDQUFDO1FBQ0QsSUFBSSxTQUFTLElBQUksSUFBSSxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ2xDLDRFQUE0RTtZQUM1RSxJQUFJLENBQUMsY0FBYyxJQUFJLElBQUksQ0FBQyxNQUFNLEtBQUssS0FBSyxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sSUFBSSxDQUFDLFNBQVMsSUFBSSxDQUFDLElBQUksQ0FBQyx1QkFBdUIsQ0FBQyxTQUFTLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3hILDhFQUE4RTtnQkFDOUUsU0FBUyxHQUFHLEtBQUssQ0FBQztnQkFDbEIsSUFBSSxDQUFDLFdBQVcsR0FBRyxLQUFLLENBQUM7WUFDM0IsQ0FBQztRQUNILENBQUM7UUFFRCw4Q0FBOEM7UUFDOUMsSUFBSSxJQUFJLENBQUMsV0FBVyxJQUFJLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO1lBQ2pELE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUM7WUFDakMsSUFBSSxTQUFTLEVBQUUsQ0FBQztnQkFDZCxJQUFJLENBQUMsU0FBUyxHQUFHLEtBQUssQ0FBQztnQkFDdkIsT0FBTyxHQUFHLG1CQUFtQixDQUFDLE9BQU8sRUFBRSxJQUFJLENBQUMsQ0FBQztZQUMvQyxDQUFDO1lBQ0QsTUFBTSxnQkFBZ0IsR0FBRyxNQUFNLENBQUMsTUFBTSxDQUFDLEVBQUUsRUFBRSxJQUFJLEVBQUU7Z0JBQy9DLFdBQVcsRUFBRSxLQUFLO2FBQ25CLENBQUMsQ0FBQztZQUNILE1BQU0seUJBQXlCLEdBQUcsSUFBSSxNQUFNLENBQUMsSUFBSSxFQUFFLEVBQUUsRUFBRSxnQkFBZ0IsQ0FBQyxDQUFDO1lBQ3pFLHFEQUFxRDtZQUNyRCxJQUFJLElBQUksQ0FBQyxNQUFNLEtBQUssU0FBUyxFQUFFLENBQUM7Z0JBQzlCLHlCQUF5QixDQUFDLEtBQUssQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQztZQUN2RCxDQUFDO1lBRUQsT0FBTyxHQUFHLFVBQVUsQ0FBQyxPQUFPLEVBQUUseUJBQXlCLENBQUMsQ0FBQztZQUN6RCxTQUFTO1lBQ1QsSUFBSSxNQUFNLEVBQUUsQ0FBQztnQkFDWCx5QkFBeUIsQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDO2dCQUN6QyxPQUFPLEdBQUcsbUJBQW1CLENBQUMsT0FBTyxFQUFFLHlCQUF5QixDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUN2RSxPQUFPLEdBQUcsVUFBVSxDQUFDLE9BQU8sRUFBRSx5QkFBeUIsQ0FBQyxDQUFDO1lBQzNELENBQUM7UUFDSCxDQUFDO2FBQU0sSUFBSSxTQUFTLEVBQUUsQ0FBQztZQUNyQixtQ0FBbUM7WUFDbkMsTUFBTSxhQUFhLEdBQUcsSUFBSSxDQUFDLHNCQUFzQixDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3hELE1BQU0sYUFBYSxHQUFHO2dCQUNwQixHQUFHLElBQUk7Z0JBQ1AsV0FBVyxFQUFFLElBQUk7YUFDbEIsQ0FBQztZQUNGLE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxNQUFNLENBQUMsYUFBYSxFQUFFLEtBQUssRUFBRSxhQUFhLENBQUMsQ0FBQztZQUM3RSxxREFBcUQ7WUFDckQsSUFBSSxJQUFJLENBQUMsTUFBTSxLQUFLLFNBQVM7Z0JBQUUsb0JBQW9CLENBQUMsS0FBSyxDQUFDLE1BQU0sR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDO1lBRS9FLE9BQU8sR0FBRyxVQUFVLENBQUMsT0FBTyxFQUFFLG9CQUFvQixDQUFDLENBQUM7WUFDcEQsU0FBUztZQUNULElBQUksTUFBTSxFQUFFLENBQUM7Z0JBQ1gsb0JBQW9CLENBQUMsS0FBSyxHQUFHLEtBQUssSUFBSSxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDO2dCQUN0RixvQkFBb0IsQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDO2dCQUNwQyxPQUFPLEdBQUcsbUJBQW1CLENBQUMsT0FBTyxFQUFFLG9CQUFvQixDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNsRSxPQUFPLEdBQUcsVUFBVSxDQUFDLE9BQU8sRUFBRSxvQkFBb0IsQ0FBQyxDQUFDO1lBQ3RELENBQUM7UUFDSCxDQUFDO1FBRUQsTUFBTSxNQUFNLEdBQUcsSUFBSSxNQUFNLENBQUMsSUFBSSxFQUFFLEtBQUssRUFBRSxJQUFJLENBQUMsQ0FBQztRQUM3QyxxREFBcUQ7UUFDckQsSUFBSSxJQUFJLENBQUMsTUFBTSxLQUFLLFNBQVMsRUFBRSxDQUFDO1lBQzlCLE1BQU0sQ0FBQyxLQUFLLENBQUMsTUFBTSxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUM7UUFDcEMsQ0FBQztRQUNELE9BQU8sR0FBRyxVQUFVLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRXRDLFNBQVM7UUFDVCxJQUFJLE1BQU0sRUFBRSxDQUFDO1lBQ1gsTUFBTSxDQUFDLEtBQUssR0FBRyxLQUFLLElBQUksSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUM7WUFDMUQsTUFBTSxDQUFDLElBQUksSUFBSSxNQUFNLENBQUM7WUFDdEIsT0FBTyxHQUFHLFVBQVUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDeEMsQ0FBQztRQUVELElBQUksQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLFlBQVksRUFBRSxPQUFPLENBQUMsQ0FBQztRQUNwQyxPQUFPLElBQUksQ0FBQztJQUNkLENBQUM7SUFFRCxzQkFBc0IsQ0FBQyxJQUFZO1FBQ2pDLE9BQU8sVUFBVSxJQUFJLEVBQUUsQ0FBQztJQUMxQixDQUFDO0lBRUQsNkJBQTZCLENBQUMsU0FBaUI7UUFDN0MsSUFBSSxDQUFDLElBQUksQ0FBQyxvQkFBb0IsRUFBRSxDQUFDO1lBQy9CLElBQUksQ0FBQyxvQkFBb0IsR0FBRyw0QkFBNEIsQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUN0RSxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsb0JBQW9CLENBQUM7SUFDbkMsQ0FBQztJQUVELHdCQUF3QixDQUFDLFNBQWlCO1FBQ3hDLHFCQUFxQjtRQUNyQixNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsNkJBQTZCLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDN0QsSUFBSSxNQUFNLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDcEIsT0FBTyxNQUFNLENBQUMsWUFBWSxJQUFJLEVBQUUsQ0FBQztRQUNuQyxDQUFDO1FBQ0QsT0FBTyx3QkFBd0IsQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUM3QyxDQUFDO0lBRUQsdUJBQXVCLENBQUMsU0FBaUI7UUFDdkMsK0JBQStCO1FBQy9CLHNDQUFzQztRQUN0QywyREFBMkQ7UUFDM0QsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLDZCQUE2QixDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQzdELElBQUksTUFBTSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ3BCLE9BQU8sTUFBTSxDQUFDLFlBQVksSUFBSSxHQUFHLENBQUM7UUFDcEMsQ0FBQztRQUNELE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztDQUNGO0FBT0Qsa0ZBQWtGO0FBQ2xGLFNBQVMsNEJBQTRCLENBQUMsU0FBaUI7SUFDckQsTUFBTSxDQUFDLEdBQUcsbUNBQW1DLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBQzlELElBQUksQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUNQLE9BQU8sRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLFlBQVksRUFBRSxDQUFDLEVBQUUsQ0FBQztJQUM5QyxDQUFDO0lBQ0QsNkNBQTZDO0lBQzdDLE9BQU8sRUFBRSxRQUFRLEVBQUUsSUFBSSxFQUFFLFlBQVksRUFBRSxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztBQUMxRCxDQUFDO0FBRUQsTUFBTSxhQUFhLEdBQUcsSUFBSSxHQUFHLEVBQWtCLENBQUM7QUFDaEQsU0FBUyxVQUFVLENBQUMsSUFBWTtJQUM5QixNQUFNLEtBQUssR0FBRyxhQUFhLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3RDLElBQUksS0FBSyxFQUFFLENBQUM7UUFDVixPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFDRCxNQUFNLEdBQUcsR0FBRyxJQUFJLE1BQU0sQ0FDcEIsV0FBVztRQUNYLElBQUksQ0FBQyxPQUFPLENBQUMsMEJBQTBCLEVBQUUsTUFBTSxDQUFDO1FBQ2hELFVBQVUsQ0FDWCxDQUFDO0lBQ0YsYUFBYSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDN0IsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDO0FBRUQsU0FBUyxhQUFhLENBQUMsSUFBc0Q7SUFDM0Usb0RBQW9EO0lBQ3BELHVDQUF1QztJQUN2QyxJQUFJLElBQUksQ0FBQyxPQUFPO1FBQUUsT0FBTyxLQUFLLENBQUM7SUFDL0IsT0FBTyxJQUFJLENBQUMsTUFBTSxLQUFLLEtBQUssQ0FBQztBQUMvQixDQUFDO0FBRUQsU0FBUyxVQUFVLENBQUMsT0FBaUIsRUFBRSxNQUFjO0lBQ25ELElBQUksTUFBTSxDQUFDLEtBQUssQ0FBQyxTQUFTLEVBQUUsQ0FBQztRQUMzQixPQUFPLEdBQUcsbUJBQW1CLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBQ0QsT0FBTyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQztJQUNoQyxPQUFPLE9BQU8sQ0FBQztBQUNqQixDQUFDO0FBRUQsU0FBUyxtQkFBbUIsQ0FBQyxPQUFpQixFQUFFLElBQVk7SUFDMUQsTUFBTSxNQUFNLEdBQUcsR0FBRyxJQUFJLEdBQUcsQ0FBQztJQUMxQixPQUFPLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztBQUNwRCxDQUFDIn0=
package/dist/esm/error.d.ts ADDED
@@ -0,0 +1,3 @@
1
+ export declare class CookieError extends Error {
2
+ constructor(message: string, options?: ErrorOptions);
3
+ }
package/dist/esm/error.js ADDED
@@ -0,0 +1,7 @@
1
+ export class CookieError extends Error {
2
+ constructor(message, options) {
3
+ super(message, options);
4
+ this.name = this.constructor.name;
5
+ }
6
+ }
7
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXJyb3IuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZXJyb3IudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsTUFBTSxPQUFPLFdBQVksU0FBUSxLQUFLO0lBQ3BDLFlBQVksT0FBZSxFQUFFLE9BQXNCO1FBQ2pELEtBQUssQ0FBQyxPQUFPLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDeEIsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQztJQUNwQyxDQUFDO0NBQ0YifQ==
package/dist/esm/index.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ export * from './cookies.js';
2
+ export * from './cookie.js';
3
+ export * from './error.js';
4
+ export * from './keygrip.js';
package/dist/esm/index.js ADDED
@@ -0,0 +1,5 @@
1
+ export * from './cookies.js';
2
+ export * from './cookie.js';
3
+ export * from './error.js';
4
+ export * from './keygrip.js';
5
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsY0FBYyxjQUFjLENBQUM7QUFDN0IsY0FBYyxhQUFhLENBQUM7QUFDNUIsY0FBYyxZQUFZLENBQUM7QUFDM0IsY0FBYyxjQUFjLENBQUMifQ==
package/dist/esm/keygrip.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ export declare class Keygrip {
2
+ #private;
3
+ constructor(keys: string[]);
4
+ encrypt(data: string, key?: string): Buffer;
5
+ decrypt(data: string | Buffer): {
6
+ value: Buffer;
7
+ index: number;
8
+ } | false;
9
+ sign(data: string | Buffer, key?: string): string;
10
+ verify(data: string, digest: string): number;
11
+ }
package/dist/esm/keygrip.js ADDED
@@ -0,0 +1,113 @@
1
+ import { debuglog } from 'node:util';
2
+ import crypto from 'node:crypto';
3
+ import assert from 'node:assert';
4
+ const debug = debuglog('@eggjs/cookies:keygrip');
5
+ const KEY_LEN = 32;
6
+ const IV_SIZE = 16;
7
+ const passwordCache = new Map();
8
+ const replacer = {
9
+ '/': '_',
10
+ '+': '-',
11
+ '=': '',
12
+ };
13
+ function constantTimeCompare(a, b) {
14
+ if (a.length !== b.length) {
15
+ return false;
16
+ }
17
+ return crypto.timingSafeEqual(a, b);
18
+ }
19
+ // patch from https://github.com/crypto-utils/keygrip
20
+ export class Keygrip {
21
+ #keys;
22
+ #hash = 'sha256';
23
+ #cipher = 'aes-256-cbc';
24
+ constructor(keys) {
25
+ assert(Array.isArray(keys) && keys.length > 0, 'keys must be provided and should be an array');
26
+ this.#keys = keys;
27
+ }
28
+ // encrypt a message
29
+ encrypt(data, key) {
30
+ key = key || this.#keys[0];
31
+ const password = keyToPassword(key);
32
+ const cipher = crypto.createCipheriv(this.#cipher, password.key, password.iv);
33
+ return crypt(cipher, data);
34
+ }
35
+ // decrypt a single message
36
+ // returns false on bad decrypts
37
+ decrypt(data) {
38
+ // decrypt every key
39
+ const keys = this.#keys;
40
+ for (let i = 0; i < keys.length; i++) {
41
+ const value = this.#decryptByKey(data, keys[i]);
42
+ if (value !== false) {
43
+ return { value, index: i };
44
+ }
45
+ }
46
+ return false;
47
+ }
48
+ #decryptByKey(data, key) {
49
+ try {
50
+ const password = keyToPassword(key);
51
+ const cipher = crypto.createDecipheriv(this.#cipher, password.key, password.iv);
52
+ return crypt(cipher, data);
53
+ }
54
+ catch (err) {
55
+ debug('crypt error: %s', err);
56
+ return false;
57
+ }
58
+ }
59
+ sign(data, key) {
60
+ // default to the first key
61
+ key = key || this.#keys[0];
62
+ // url safe base64
63
+ return crypto
64
+ .createHmac(this.#hash, key)
65
+ .update(data)
66
+ .digest('base64')
67
+ .replace(/\/|\+|=/g, x => {
68
+ return replacer[x];
69
+ });
70
+ }
71
+ verify(data, digest) {
72
+ const keys = this.#keys;
73
+ for (let i = 0; i < keys.length; i++) {
74
+ const key = keys[i];
75
+ if (constantTimeCompare(Buffer.from(digest), Buffer.from(this.sign(data, key)))) {
76
+ debug('data %s match key %s, index: %d', data, key, i);
77
+ return i;
78
+ }
79
+ }
80
+ return -1;
81
+ }
82
+ }
83
+ function crypt(cipher, data) {
84
+ const text = Buffer.isBuffer(data) ? cipher.update(data) : cipher.update(data, 'utf-8');
85
+ const pad = cipher.final();
86
+ return Buffer.concat([text, pad]);
87
+ }
88
+ function keyToPassword(key) {
89
+ if (passwordCache.has(key)) {
90
+ return passwordCache.get(key);
91
+ }
92
+ // Simulate EVP_BytesToKey.
93
+ // see https://github.com/nodejs/help/issues/1673#issuecomment-503222925
94
+ const bytes = Buffer.alloc(KEY_LEN + IV_SIZE);
95
+ let lastHash = null, nBytes = 0;
96
+ while (nBytes < bytes.length) {
97
+ const hash = crypto.createHash('md5');
98
+ if (lastHash)
99
+ hash.update(lastHash);
100
+ hash.update(key);
101
+ lastHash = hash.digest();
102
+ lastHash.copy(bytes, nBytes);
103
+ nBytes += lastHash.length;
104
+ }
105
+ // Use these for decryption.
106
+ const password = {
107
+ key: bytes.subarray(0, KEY_LEN),
108
+ iv: bytes.subarray(KEY_LEN, bytes.length),
109
+ };
110
+ passwordCache.set(key, password);
111
+ return password;
112
+ }
113
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoia2V5Z3JpcC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9rZXlncmlwLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFDckMsT0FBTyxNQUF1QixNQUFNLGFBQWEsQ0FBQztBQUNsRCxPQUFPLE1BQU0sTUFBTSxhQUFhLENBQUM7QUFFakMsTUFBTSxLQUFLLEdBQUcsUUFBUSxDQUFDLHdCQUF3QixDQUFDLENBQUM7QUFFakQsTUFBTSxPQUFPLEdBQUcsRUFBRSxDQUFDO0FBQ25CLE1BQU0sT0FBTyxHQUFHLEVBQUUsQ0FBQztBQUNuQixNQUFNLGFBQWEsR0FBRyxJQUFJLEdBQUcsRUFBRSxDQUFDO0FBRWhDLE1BQU0sUUFBUSxHQUEyQjtJQUN2QyxHQUFHLEVBQUUsR0FBRztJQUNSLEdBQUcsRUFBRSxHQUFHO0lBQ1IsR0FBRyxFQUFFLEVBQUU7Q0FDUixDQUFDO0FBRUYsU0FBUyxtQkFBbUIsQ0FBQyxDQUFTLEVBQUUsQ0FBUztJQUMvQyxJQUFJLENBQUMsQ0FBQyxNQUFNLEtBQUssQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQzFCLE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUNELE9BQU8sTUFBTSxDQUFDLGVBQWUsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFDdEMsQ0FBQztBQUVELHFEQUFxRDtBQUVyRCxNQUFNLE9BQU8sT0FBTztJQUNULEtBQUssQ0FBVztJQUNoQixLQUFLLEdBQUcsUUFBUSxDQUFDO0lBQ2pCLE9BQU8sR0FBRyxhQUFhLENBQUM7SUFFakMsWUFBWSxJQUFjO1FBQ3hCLE1BQU0sQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLDhDQUE4QyxDQUFDLENBQUM7UUFDL0YsSUFBSSxDQUFDLEtBQUssR0FBRyxJQUFJLENBQUM7SUFDcEIsQ0FBQztJQUVELG9CQUFvQjtJQUNwQixPQUFPLENBQUMsSUFBWSxFQUFFLEdBQVk7UUFDaEMsR0FBRyxHQUFHLEdBQUcsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzNCLE1BQU0sUUFBUSxHQUFHLGFBQWEsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNwQyxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsUUFBUSxDQUFDLEdBQUcsRUFBRSxRQUFRLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDOUUsT0FBTyxLQUFLLENBQUMsTUFBTSxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQzdCLENBQUM7SUFFRCwyQkFBMkI7SUFDM0IsZ0NBQWdDO0lBQ2hDLE9BQU8sQ0FBQyxJQUFxQjtRQUMzQixvQkFBb0I7UUFDcEIsTUFBTSxJQUFJLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQztRQUN4QixLQUFLLElBQUksQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEdBQUcsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDLEVBQUUsRUFBRSxDQUFDO1lBQ3JDLE1BQU0sS0FBSyxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ2hELElBQUksS0FBSyxLQUFLLEtBQUssRUFBRSxDQUFDO2dCQUNwQixPQUFPLEVBQUUsS0FBSyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsQ0FBQztZQUM3QixDQUFDO1FBQ0gsQ0FBQztRQUNELE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVELGFBQWEsQ0FBQyxJQUFxQixFQUFFLEdBQVc7UUFDOUMsSUFBSSxDQUFDO1lBQ0gsTUFBTSxRQUFRLEdBQUcsYUFBYSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQ3BDLE1BQU0sTUFBTSxHQUFHLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLFFBQVEsQ0FBQyxHQUFHLEVBQUUsUUFBUSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2hGLE9BQU8sS0FBSyxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsQ0FBQztRQUM3QixDQUFDO1FBQUMsT0FBTyxHQUFRLEVBQUUsQ0FBQztZQUNsQixLQUFLLENBQUMsaUJBQWlCLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDOUIsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO0lBQ0gsQ0FBQztJQUVELElBQUksQ0FBQyxJQUFxQixFQUFFLEdBQVk7UUFDdEMsMkJBQTJCO1FBQzNCLEdBQUcsR0FBRyxHQUFHLElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUUzQixrQkFBa0I7UUFDbEIsT0FBTyxNQUFNO2FBQ1YsVUFBVSxDQUFDLElBQUksQ0FBQyxLQUFLLEVBQUUsR0FBRyxDQUFDO2FBQzNCLE1BQU0sQ0FBQyxJQUFJLENBQUM7YUFDWixNQUFNLENBQUMsUUFBUSxDQUFDO2FBQ2hCLE9BQU8sQ0FBQyxVQUFVLEVBQUUsQ0FBQyxDQUFDLEVBQUU7WUFDdkIsT0FBTyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDckIsQ0FBQyxDQUFDLENBQUM7SUFDUCxDQUFDO0lBRUQsTUFBTSxDQUFDLElBQVksRUFBRSxNQUFjO1FBQ2pDLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUM7UUFDeEIsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQztZQUNyQyxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDcEIsSUFBSSxtQkFBbUIsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQ2hGLEtBQUssQ0FBQyxpQ0FBaUMsRUFBRSxJQUFJLEVBQUUsR0FBRyxFQUFFLENBQUMsQ0FBQyxDQUFDO2dCQUN2RCxPQUFPLENBQUMsQ0FBQztZQUNYLENBQUM7UUFDSCxDQUFDO1FBQ0QsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUNaLENBQUM7Q0FDRjtBQUVELFNBQVMsS0FBSyxDQUFDLE1BQWMsRUFBRSxJQUFxQjtJQUNsRCxNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxPQUFPLENBQUMsQ0FBQztJQUN4RixNQUFNLEdBQUcsR0FBRyxNQUFNLENBQUMsS0FBSyxFQUFFLENBQUM7SUFDM0IsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUUsSUFBSSxFQUFFLEdBQUcsQ0FBRSxDQUFDLENBQUM7QUFDdEMsQ0FBQztBQUVELFNBQVMsYUFBYSxDQUFDLEdBQVc7SUFDaEMsSUFBSSxhQUFhLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7UUFDM0IsT0FBTyxhQUFhLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7SUFFRCwyQkFBMkI7SUFDM0Isd0VBQXdFO0lBQ3hFLE1BQU0sS0FBSyxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsT0FBTyxHQUFHLE9BQU8sQ0FBQyxDQUFDO0lBQzlDLElBQUksUUFBUSxHQUFHLElBQUksRUFDakIsTUFBTSxHQUFHLENBQUMsQ0FBQztJQUNiLE9BQU8sTUFBTSxHQUFHLEtBQUssQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUM3QixNQUFNLElBQUksR0FBRyxNQUFNLENBQUMsVUFBVSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3RDLElBQUksUUFBUTtZQUFFLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDcEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNqQixRQUFRLEdBQUcsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ3pCLFFBQVEsQ0FBQyxJQUFJLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBQzdCLE1BQU0sSUFBSSxRQUFRLENBQUMsTUFBTSxDQUFDO0lBQzVCLENBQUM7SUFFRCw0QkFBNEI7SUFDNUIsTUFBTSxRQUFRLEdBQUc7UUFDZixHQUFHLEVBQUUsS0FBSyxDQUFDLFFBQVEsQ0FBQyxDQUFDLEVBQUUsT0FBTyxDQUFDO1FBQy9CLEVBQUUsRUFBRSxLQUFLLENBQUMsUUFBUSxDQUFDLE9BQU8sRUFBRSxLQUFLLENBQUMsTUFBTSxDQUFDO0tBQzFDLENBQUM7SUFFRixhQUFhLENBQUMsR0FBRyxDQUFDLEdBQUcsRUFBRSxRQUFRLENBQUMsQ0FBQztJQUNqQyxPQUFPLFFBQVEsQ0FBQztBQUNsQixDQUFDIn0=
package/dist/esm/package.json ADDED
@@ -0,0 +1,3 @@
1
+ {
2
+ "type": "module"
3
+ }
package/package.json ADDED
@@ -0,0 +1,72 @@
1
+ {
2
+ "name": "@eggjs/cookies",
3
+ "version": "3.0.0",
4
+ "engines": {
5
+ "node": ">= 18.19.0"
6
+ },
7
+ "publishConfig": {
8
+ "access": "public"
9
+ },
10
+ "description": "cookies module for egg",
11
+ "dependencies": {
12
+ "should-send-same-site-none": "^2.0.5",
13
+ "utility": "^2.1.0"
14
+ },
15
+ "devDependencies": {
16
+ "beautify-benchmark": "^0.2.4",
17
+ "benchmark": "^2.1.4",
18
+ "cookies": "^0.7.1",
19
+ "keygrip": "^1.0.2",
20
+ "@arethetypeswrong/cli": "^0.15.3",
21
+ "@eggjs/tsconfig": "1",
22
+ "@types/node": "20",
23
+ "@types/mocha": "10",
24
+ "egg-bin": "6",
25
+ "eslint": "8",
26
+ "eslint-config-egg": "13",
27
+ "tshy": "1",
28
+ "tshy-after": "1",
29
+ "typescript": "5"
30
+ },
31
+ "repository": {
32
+ "type": "git",
33
+ "url": "git://github.com/eggjs/egg-cookies.git"
34
+ },
35
+ "homepage": "https://github.com/eggjs/egg-cookies",
36
+ "author": "fengmk2 <fengmk2@gmail.com> (https://github.com/fengmk2)",
37
+ "license": "MIT",
38
+ "scripts": {
39
+ "lint": "eslint --cache src test --ext .ts",
40
+ "test": "npm run lint -- --fix && egg-bin test",
41
+ "ci": "npm run lint && egg-bin cov && npm run prepublishOnly && attw --pack",
42
+ "prepublishOnly": "tshy && tshy-after"
43
+ },
44
+ "type": "module",
45
+ "tshy": {
46
+ "exports": {
47
+ ".": "./src/index.ts",
48
+ "./package.json": "./package.json"
49
+ }
50
+ },
51
+ "exports": {
52
+ ".": {
53
+ "import": {
54
+ "source": "./src/index.ts",
55
+ "types": "./dist/esm/index.d.ts",
56
+ "default": "./dist/esm/index.js"
57
+ },
58
+ "require": {
59
+ "source": "./src/index.ts",
60
+ "types": "./dist/commonjs/index.d.ts",
61
+ "default": "./dist/commonjs/index.js"
62
+ }
63
+ },
64
+ "./package.json": "./package.json"
65
+ },
66
+ "files": [
67
+ "dist",
68
+ "src"
69
+ ],
70
+ "types": "./dist/commonjs/index.d.ts",
71
+ "main": "./dist/commonjs/index.js"
72
+ }