@gemeentenijmegen/webapp 1.1.1 → 1.1.2

package/node_modules/@gemeentenijmegen/session/node_modules/cookie/README.md

@@ -1,317 +0,0 @@
-# cookie
-
-[![NPM Version][npm-version-image]][npm-url]
-[![NPM Downloads][npm-downloads-image]][npm-url]
-[![Node.js Version][node-image]][node-url]
-[![Build Status][ci-image]][ci-url]
-[![Coverage Status][coveralls-image]][coveralls-url]
-
-Basic HTTP cookie parser and serializer for HTTP servers.
-
-## Installation
-
-This is a [Node.js](https://nodejs.org/en/) module available through the
-[npm registry](https://www.npmjs.com/). Installation is done using the
-[`npm install` command](https://docs.npmjs.com/getting-started/installing-npm-packages-locally):
-
-```sh
-$ npm install cookie
-```
-
-## API
-
-```js
-var cookie = require('cookie');
-```
-
-### cookie.parse(str, options)
-
-Parse an HTTP `Cookie` header string and returning an object of all cookie name-value pairs.
-The `str` argument is the string representing a `Cookie` header value and `options` is an
-optional object containing additional parsing options.
-
-```js
-var cookies = cookie.parse('foo=bar; equation=E%3Dmc%5E2');
-// { foo: 'bar', equation: 'E=mc^2' }
-```
-
-#### Options
-
-`cookie.parse` accepts these properties in the options object.
-
-##### decode
-
-Specifies a function that will be used to decode a cookie's value. Since the value of a cookie
-has a limited character set (and must be a simple string), this function can be used to decode
-a previously-encoded cookie value into a JavaScript string or other object.
-
-The default function is the global `decodeURIComponent`, which will decode any URL-encoded
-sequences into their byte representations.
-
-**note** if an error is thrown from this function, the original, non-decoded cookie value will
-be returned as the cookie's value.
-
-### cookie.serialize(name, value, options)
-
-Serialize a cookie name-value pair into a `Set-Cookie` header string. The `name` argument is the
-name for the cookie, the `value` argument is the value to set the cookie to, and the `options`
-argument is an optional object containing additional serialization options.
-
-```js
-var setCookie = cookie.serialize('foo', 'bar');
-// foo=bar
-```
-
-#### Options
-
-`cookie.serialize` accepts these properties in the options object.
-
-##### domain
-
-Specifies the value for the [`Domain` `Set-Cookie` attribute][rfc-6265-5.2.3]. By default, no
-domain is set, and most clients will consider the cookie to apply to only the current domain.
-
-##### encode
-
-Specifies a function that will be used to encode a cookie's value. Since value of a cookie
-has a limited character set (and must be a simple string), this function can be used to encode
-a value into a string suited for a cookie's value.
-
-The default function is the global `encodeURIComponent`, which will encode a JavaScript string
-into UTF-8 byte sequences and then URL-encode any that fall outside of the cookie range.
-
-##### expires
-
-Specifies the `Date` object to be the value for the [`Expires` `Set-Cookie` attribute][rfc-6265-5.2.1].
-By default, no expiration is set, and most clients will consider this a "non-persistent cookie" and
-will delete it on a condition like exiting a web browser application.
-
-**note** the [cookie storage model specification][rfc-6265-5.3] states that if both `expires` and
-`maxAge` are set, then `maxAge` takes precedence, but it is possible not all clients by obey this,
-so if both are set, they should point to the same date and time.
-
-##### httpOnly
-
-Specifies the `boolean` value for the [`HttpOnly` `Set-Cookie` attribute][rfc-6265-5.2.6]. When truthy,
-the `HttpOnly` attribute is set, otherwise it is not. By default, the `HttpOnly` attribute is not set.
-
-**note** be careful when setting this to `true`, as compliant clients will not allow client-side
-JavaScript to see the cookie in `document.cookie`.
-
-##### maxAge
-
-Specifies the `number` (in seconds) to be the value for the [`Max-Age` `Set-Cookie` attribute][rfc-6265-5.2.2].
-The given number will be converted to an integer by rounding down. By default, no maximum age is set.
-
-**note** the [cookie storage model specification][rfc-6265-5.3] states that if both `expires` and
-`maxAge` are set, then `maxAge` takes precedence, but it is possible not all clients by obey this,
-so if both are set, they should point to the same date and time.
-
-##### partitioned
-
-Specifies the `boolean` value for the [`Partitioned` `Set-Cookie`](rfc-cutler-httpbis-partitioned-cookies)
-attribute. When truthy, the `Partitioned` attribute is set, otherwise it is not. By default, the
-`Partitioned` attribute is not set.
-
-**note** This is an attribute that has not yet been fully standardized, and may change in the future.
-This also means many clients may ignore this attribute until they understand it.
-
-More information about can be found in [the proposal](https://github.com/privacycg/CHIPS).
-
-##### path
-
-Specifies the value for the [`Path` `Set-Cookie` attribute][rfc-6265-5.2.4]. By default, the path
-is considered the ["default path"][rfc-6265-5.1.4].
-
-##### priority
-
-Specifies the `string` to be the value for the [`Priority` `Set-Cookie` attribute][rfc-west-cookie-priority-00-4.1].
-
-  - `'low'` will set the `Priority` attribute to `Low`.
-  - `'medium'` will set the `Priority` attribute to `Medium`, the default priority when not set.
-  - `'high'` will set the `Priority` attribute to `High`.
-
-More information about the different priority levels can be found in
-[the specification][rfc-west-cookie-priority-00-4.1].
-
-**note** This is an attribute that has not yet been fully standardized, and may change in the future.
-This also means many clients may ignore this attribute until they understand it.
-
-##### sameSite
-
-Specifies the `boolean` or `string` to be the value for the [`SameSite` `Set-Cookie` attribute][rfc-6265bis-09-5.4.7].
-
-  - `true` will set the `SameSite` attribute to `Strict` for strict same site enforcement.
-  - `false` will not set the `SameSite` attribute.
-  - `'lax'` will set the `SameSite` attribute to `Lax` for lax same site enforcement.
-  - `'none'` will set the `SameSite` attribute to `None` for an explicit cross-site cookie.
-  - `'strict'` will set the `SameSite` attribute to `Strict` for strict same site enforcement.
-
-More information about the different enforcement levels can be found in
-[the specification][rfc-6265bis-09-5.4.7].
-
-**note** This is an attribute that has not yet been fully standardized, and may change in the future.
-This also means many clients may ignore this attribute until they understand it.
-
-##### secure
-
-Specifies the `boolean` value for the [`Secure` `Set-Cookie` attribute][rfc-6265-5.2.5]. When truthy,
-the `Secure` attribute is set, otherwise it is not. By default, the `Secure` attribute is not set.
-
-**note** be careful when setting this to `true`, as compliant clients will not send the cookie back to
-the server in the future if the browser does not have an HTTPS connection.
-
-## Example
-
-The following example uses this module in conjunction with the Node.js core HTTP server
-to prompt a user for their name and display it back on future visits.
-
-```js
-var cookie = require('cookie');
-var escapeHtml = require('escape-html');
-var http = require('http');
-var url = require('url');
-
-function onRequest(req, res) {
-  // Parse the query string
-  var query = url.parse(req.url, true, true).query;
-
-  if (query && query.name) {
-    // Set a new cookie with the name
-    res.setHeader('Set-Cookie', cookie.serialize('name', String(query.name), {
-      httpOnly: true,
-      maxAge: 60 * 60 * 24 * 7 // 1 week
-    }));
-
-    // Redirect back after setting cookie
-    res.statusCode = 302;
-    res.setHeader('Location', req.headers.referer || '/');
-    res.end();
-    return;
-  }
-
-  // Parse the cookies on the request
-  var cookies = cookie.parse(req.headers.cookie || '');
-
-  // Get the visitor name set in the cookie
-  var name = cookies.name;
-
-  res.setHeader('Content-Type', 'text/html; charset=UTF-8');
-
-  if (name) {
-    res.write('<p>Welcome back, <b>' + escapeHtml(name) + '</b>!</p>');
-  } else {
-    res.write('<p>Hello, new visitor!</p>');
-  }
-
-  res.write('<form method="GET">');
-  res.write('<input placeholder="enter your name" name="name"> <input type="submit" value="Set Name">');
-  res.end('</form>');
-}
-
-http.createServer(onRequest).listen(3000);
-```
-
-## Testing
-
-```sh
-$ npm test
-```
-
-## Benchmark
-
-```
-$ npm run bench
-
-> cookie@0.5.0 bench
-> node benchmark/index.js
-
-  node@18.18.2
-  acorn@8.10.0
-  ada@2.6.0
-  ares@1.19.1
-  brotli@1.0.9
-  cldr@43.1
-  icu@73.2
-  llhttp@6.0.11
-  modules@108
-  napi@9
-  nghttp2@1.57.0
-  nghttp3@0.7.0
-  ngtcp2@0.8.1
-  openssl@3.0.10+quic
-  simdutf@3.2.14
-  tz@2023c
-  undici@5.26.3
-  unicode@15.0
-  uv@1.44.2
-  uvwasi@0.0.18
-  v8@10.2.154.26-node.26
-  zlib@1.2.13.1-motley
-
-> node benchmark/parse-top.js
-
-  cookie.parse - top sites
-
-  14 tests completed.
-
-  parse accounts.google.com x 2,588,913 ops/sec ±0.74% (186 runs sampled)
-  parse apple.com           x 2,370,002 ops/sec ±0.69% (186 runs sampled)
-  parse cloudflare.com      x 2,213,102 ops/sec ±0.88% (188 runs sampled)
-  parse docs.google.com     x 2,194,157 ops/sec ±1.03% (184 runs sampled)
-  parse drive.google.com    x 2,265,084 ops/sec ±0.79% (187 runs sampled)
-  parse en.wikipedia.org    x   457,099 ops/sec ±0.81% (186 runs sampled)
-  parse linkedin.com        x   504,407 ops/sec ±0.89% (186 runs sampled)
-  parse maps.google.com     x 1,230,959 ops/sec ±0.98% (186 runs sampled)
-  parse microsoft.com       x   926,294 ops/sec ±0.88% (184 runs sampled)
-  parse play.google.com     x 2,311,338 ops/sec ±0.83% (185 runs sampled)
-  parse support.google.com  x 1,508,850 ops/sec ±0.86% (186 runs sampled)
-  parse www.google.com      x 1,022,582 ops/sec ±1.32% (182 runs sampled)
-  parse youtu.be            x   332,136 ops/sec ±1.02% (185 runs sampled)
-  parse youtube.com         x   323,833 ops/sec ±0.77% (183 runs sampled)
-
-> node benchmark/parse.js
-
-  cookie.parse - generic
-
-  6 tests completed.
-
-  simple      x 3,214,032 ops/sec ±1.61% (183 runs sampled)
-  decode      x   587,237 ops/sec ±1.16% (187 runs sampled)
-  unquote     x 2,954,618 ops/sec ±1.35% (183 runs sampled)
-  duplicates  x   857,008 ops/sec ±0.89% (187 runs sampled)
-  10 cookies  x   292,133 ops/sec ±0.89% (187 runs sampled)
-  100 cookies x    22,610 ops/sec ±0.68% (187 runs sampled)
-```
-
-## References
-
-- [RFC 6265: HTTP State Management Mechanism][rfc-6265]
-- [Same-site Cookies][rfc-6265bis-09-5.4.7]
-
-[rfc-cutler-httpbis-partitioned-cookies]: https://tools.ietf.org/html/draft-cutler-httpbis-partitioned-cookies/
-[rfc-west-cookie-priority-00-4.1]: https://tools.ietf.org/html/draft-west-cookie-priority-00#section-4.1
-[rfc-6265bis-09-5.4.7]: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-09#section-5.4.7
-[rfc-6265]: https://tools.ietf.org/html/rfc6265
-[rfc-6265-5.1.4]: https://tools.ietf.org/html/rfc6265#section-5.1.4
-[rfc-6265-5.2.1]: https://tools.ietf.org/html/rfc6265#section-5.2.1
-[rfc-6265-5.2.2]: https://tools.ietf.org/html/rfc6265#section-5.2.2
-[rfc-6265-5.2.3]: https://tools.ietf.org/html/rfc6265#section-5.2.3
-[rfc-6265-5.2.4]: https://tools.ietf.org/html/rfc6265#section-5.2.4
-[rfc-6265-5.2.5]: https://tools.ietf.org/html/rfc6265#section-5.2.5
-[rfc-6265-5.2.6]: https://tools.ietf.org/html/rfc6265#section-5.2.6
-[rfc-6265-5.3]: https://tools.ietf.org/html/rfc6265#section-5.3
-
-## License
-
-[MIT](LICENSE)
-
-[ci-image]: https://badgen.net/github/checks/jshttp/cookie/master?label=ci
-[ci-url]: https://github.com/jshttp/cookie/actions/workflows/ci.yml
-[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/cookie/master
-[coveralls-url]: https://coveralls.io/r/jshttp/cookie?branch=master
-[node-image]: https://badgen.net/npm/node/cookie
-[node-url]: https://nodejs.org/en/download
-[npm-downloads-image]: https://badgen.net/npm/dm/cookie
-[npm-url]: https://npmjs.org/package/cookie
-[npm-version-image]: https://badgen.net/npm/v/cookie

package/node_modules/@gemeentenijmegen/session/node_modules/cookie/SECURITY.md

@@ -1,25 +0,0 @@
-# Security Policies and Procedures
-
-## Reporting a Bug
-
-The `cookie` team and community take all security bugs seriously. Thank
-you for improving the security of the project. We appreciate your efforts and
-responsible disclosure and will make every effort to acknowledge your
-contributions.
-
-Report security bugs by emailing the current owner(s) of `cookie`. This
-information can be found in the npm registry using the command
-`npm owner ls cookie`.
-If unsure or unable to get the information from the above, open an issue
-in the [project issue tracker](https://github.com/jshttp/cookie/issues)
-asking for the current contact information.
-
-To ensure the timely response to your report, please ensure that the entirety
-of the report is contained within the email body and not solely behind a web
-link or an attachment.
-
-At least one owner will acknowledge your email within 48 hours, and will send a
-more detailed response within 48 hours indicating the next steps in handling
-your report. After the initial reply to your report, the owners will
-endeavor to keep you informed of the progress towards a fix and full
-announcement, and may ask for additional information or guidance.

package/node_modules/@gemeentenijmegen/session/node_modules/cookie/index.js

@@ -1,274 +0,0 @@
-/*!
- * cookie
- * Copyright(c) 2012-2014 Roman Shtylman
- * Copyright(c) 2015 Douglas Christopher Wilson
- * MIT Licensed
- */
-
-'use strict';
-
-/**
- * Module exports.
- * @public
- */
-
-exports.parse = parse;
-exports.serialize = serialize;
-
-/**
- * Module variables.
- * @private
- */
-
-var __toString = Object.prototype.toString
-
-/**
- * RegExp to match field-content in RFC 7230 sec 3.2
- *
- * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
- * field-vchar   = VCHAR / obs-text
- * obs-text      = %x80-FF
- */
-
-var fieldContentRegExp = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;
-
-/**
- * Parse a cookie header.
- *
- * Parse the given cookie header string into an object
- * The object has the various cookies as keys(names) => values
- *
- * @param {string} str
- * @param {object} [options]
- * @return {object}
- * @public
- */
-
-function parse(str, options) {
-  if (typeof str !== 'string') {
-    throw new TypeError('argument str must be a string');
-  }
-
-  var obj = {}
-  var opt = options || {};
-  var dec = opt.decode || decode;
-
-  var index = 0
-  while (index < str.length) {
-    var eqIdx = str.indexOf('=', index)
-
-    // no more cookie pairs
-    if (eqIdx === -1) {
-      break
-    }
-
-    var endIdx = str.indexOf(';', index)
-
-    if (endIdx === -1) {
-      endIdx = str.length
-    } else if (endIdx < eqIdx) {
-      // backtrack on prior semicolon
-      index = str.lastIndexOf(';', eqIdx - 1) + 1
-      continue
-    }
-
-    var key = str.slice(index, eqIdx).trim()
-
-    // only assign once
-    if (undefined === obj[key]) {
-      var val = str.slice(eqIdx + 1, endIdx).trim()
-
-      // quoted values
-      if (val.charCodeAt(0) === 0x22) {
-        val = val.slice(1, -1)
-      }
-
-      obj[key] = tryDecode(val, dec);
-    }
-
-    index = endIdx + 1
-  }
-
-  return obj;
-}
-
-/**
- * Serialize data into a cookie header.
- *
- * Serialize the a name value pair into a cookie string suitable for
- * http headers. An optional options object specified cookie parameters.
- *
- * serialize('foo', 'bar', { httpOnly: true })
- *   => "foo=bar; httpOnly"
- *
- * @param {string} name
- * @param {string} val
- * @param {object} [options]
- * @return {string}
- * @public
- */
-
-function serialize(name, val, options) {
-  var opt = options || {};
-  var enc = opt.encode || encode;
-
-  if (typeof enc !== 'function') {
-    throw new TypeError('option encode is invalid');
-  }
-
-  if (!fieldContentRegExp.test(name)) {
-    throw new TypeError('argument name is invalid');
-  }
-
-  var value = enc(val);
-
-  if (value && !fieldContentRegExp.test(value)) {
-    throw new TypeError('argument val is invalid');
-  }
-
-  var str = name + '=' + value;
-
-  if (null != opt.maxAge) {
-    var maxAge = opt.maxAge - 0;
-
-    if (isNaN(maxAge) || !isFinite(maxAge)) {
-      throw new TypeError('option maxAge is invalid')
-    }
-
-    str += '; Max-Age=' + Math.floor(maxAge);
-  }
-
-  if (opt.domain) {
-    if (!fieldContentRegExp.test(opt.domain)) {
-      throw new TypeError('option domain is invalid');
-    }
-
-    str += '; Domain=' + opt.domain;
-  }
-
-  if (opt.path) {
-    if (!fieldContentRegExp.test(opt.path)) {
-      throw new TypeError('option path is invalid');
-    }
-
-    str += '; Path=' + opt.path;
-  }
-
-  if (opt.expires) {
-    var expires = opt.expires
-
-    if (!isDate(expires) || isNaN(expires.valueOf())) {
-      throw new TypeError('option expires is invalid');
-    }
-
-    str += '; Expires=' + expires.toUTCString()
-  }
-
-  if (opt.httpOnly) {
-    str += '; HttpOnly';
-  }
-
-  if (opt.secure) {
-    str += '; Secure';
-  }
-
-  if (opt.partitioned) {
-    str += '; Partitioned'
-  }
-
-  if (opt.priority) {
-    var priority = typeof opt.priority === 'string'
-      ? opt.priority.toLowerCase()
-      : opt.priority
-
-    switch (priority) {
-      case 'low':
-        str += '; Priority=Low'
-        break
-      case 'medium':
-        str += '; Priority=Medium'
-        break
-      case 'high':
-        str += '; Priority=High'
-        break
-      default:
-        throw new TypeError('option priority is invalid')
-    }
-  }
-
-  if (opt.sameSite) {
-    var sameSite = typeof opt.sameSite === 'string'
-      ? opt.sameSite.toLowerCase() : opt.sameSite;
-
-    switch (sameSite) {
-      case true:
-        str += '; SameSite=Strict';
-        break;
-      case 'lax':
-        str += '; SameSite=Lax';
-        break;
-      case 'strict':
-        str += '; SameSite=Strict';
-        break;
-      case 'none':
-        str += '; SameSite=None';
-        break;
-      default:
-        throw new TypeError('option sameSite is invalid');
-    }
-  }
-
-  return str;
-}
-
-/**
- * URL-decode string value. Optimized to skip native call when no %.
- *
- * @param {string} str
- * @returns {string}
- */
-
-function decode (str) {
-  return str.indexOf('%') !== -1
-    ? decodeURIComponent(str)
-    : str
-}
-
-/**
- * URL-encode value.
- *
- * @param {string} val
- * @returns {string}
- */
-
-function encode (val) {
-  return encodeURIComponent(val)
-}
-
-/**
- * Determine if value is a Date.
- *
- * @param {*} val
- * @private
- */
-
-function isDate (val) {
-  return __toString.call(val) === '[object Date]' ||
-    val instanceof Date
-}
-
-/**
- * Try decoding a string using a decoding function.
- *
- * @param {string} str
- * @param {function} decode
- * @private
- */
-
-function tryDecode(str, decode) {
-  try {
-    return decode(str);
-  } catch (e) {
-    return str;
-  }
-}

package/node_modules/@gemeentenijmegen/session/node_modules/cookie/package.json

@@ -1,44 +0,0 @@
-{
-  "name": "cookie",
-  "description": "HTTP server cookie parsing and serialization",
-  "version": "0.6.0",
-  "author": "Roman Shtylman <shtylman@gmail.com>",
-  "contributors": [
-    "Douglas Christopher Wilson <doug@somethingdoug.com>"
-  ],
-  "license": "MIT",
-  "keywords": [
-    "cookie",
-    "cookies"
-  ],
-  "repository": "jshttp/cookie",
-  "devDependencies": {
-    "beautify-benchmark": "0.2.4",
-    "benchmark": "2.1.4",
-    "eslint": "8.53.0",
-    "eslint-plugin-markdown": "3.0.1",
-    "mocha": "10.2.0",
-    "nyc": "15.1.0",
-    "safe-buffer": "5.2.1",
-    "top-sites": "1.1.194"
-  },
-  "files": [
-    "HISTORY.md",
-    "LICENSE",
-    "README.md",
-    "SECURITY.md",
-    "index.js"
-  ],
-  "engines": {
-    "node": ">= 0.6"
-  },
-  "scripts": {
-    "bench": "node benchmark/index.js",
-    "lint": "eslint .",
-    "test": "mocha --reporter spec --bail --check-leaks test/",
-    "test-ci": "nyc --reporter=lcov --reporter=text npm test",
-    "test-cov": "nyc --reporter=html --reporter=text npm test",
-    "update-bench": "node scripts/update-benchmark.js",
-    "version": "node scripts/version-history.js && git add HISTORY.md"
-  }
-}