@relative-ci/core 5.2.2 → 5.3.0-alpha.0

package/lib/cjs/__/undici/lib/cookies/parse.js

@@ -0,0 +1,338 @@
+'use strict';
+
+var constants = require('./constants.js');
+var util = require('./util.js');
+var dataURL = require('../fetch/dataURL.js');
+var require$$0 = require('node:assert');
+
+function _interopDefault (e) { return e && e.__esModule ? e : { default: e }; }
+
+var require$$0__default = /*#__PURE__*/_interopDefault(require$$0);
+
+var parse;
+var hasRequiredParse;
+
+function requireParse () {
+	if (hasRequiredParse) return parse;
+	hasRequiredParse = 1;
+
+	const { maxNameValuePairSize, maxAttributeValueSize } = constants.__require();
+	const { isCTLExcludingHtab } = util.__require();
+	const { collectASequenceOfCodePointsFast } = dataURL.__require();
+	const assert = require$$0__default.default;
+
+	/**
+	 * @description Parses the field-value attributes of a set-cookie header string.
+	 * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4
+	 * @param {string} header
+	 * @returns if the header is invalid, null will be returned
+	 */
+	function parseSetCookie (header) {
+	  // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F
+	  //    character (CTL characters excluding HTAB): Abort these steps and
+	  //    ignore the set-cookie-string entirely.
+	  if (isCTLExcludingHtab(header)) {
+	    return null
+	  }
+
+	  let nameValuePair = '';
+	  let unparsedAttributes = '';
+	  let name = '';
+	  let value = '';
+
+	  // 2. If the set-cookie-string contains a %x3B (";") character:
+	  if (header.includes(';')) {
+	    // 1. The name-value-pair string consists of the characters up to,
+	    //    but not including, the first %x3B (";"), and the unparsed-
+	    //    attributes consist of the remainder of the set-cookie-string
+	    //    (including the %x3B (";") in question).
+	    const position = { position: 0 };
+
+	    nameValuePair = collectASequenceOfCodePointsFast(';', header, position);
+	    unparsedAttributes = header.slice(position.position);
+	  } else {
+	    // Otherwise:
+
+	    // 1. The name-value-pair string consists of all the characters
+	    //    contained in the set-cookie-string, and the unparsed-
+	    //    attributes is the empty string.
+	    nameValuePair = header;
+	  }
+
+	  // 3. If the name-value-pair string lacks a %x3D ("=") character, then
+	  //    the name string is empty, and the value string is the value of
+	  //    name-value-pair.
+	  if (!nameValuePair.includes('=')) {
+	    value = nameValuePair;
+	  } else {
+	    //    Otherwise, the name string consists of the characters up to, but
+	    //    not including, the first %x3D ("=") character, and the (possibly
+	    //    empty) value string consists of the characters after the first
+	    //    %x3D ("=") character.
+	    const position = { position: 0 };
+	    name = collectASequenceOfCodePointsFast(
+	      '=',
+	      nameValuePair,
+	      position
+	    );
+	    value = nameValuePair.slice(position.position + 1);
+	  }
+
+	  // 4. Remove any leading or trailing WSP characters from the name
+	  //    string and the value string.
+	  name = name.trim();
+	  value = value.trim();
+
+	  // 5. If the sum of the lengths of the name string and the value string
+	  //    is more than 4096 octets, abort these steps and ignore the set-
+	  //    cookie-string entirely.
+	  if (name.length + value.length > maxNameValuePairSize) {
+	    return null
+	  }
+
+	  // 6. The cookie-name is the name string, and the cookie-value is the
+	  //    value string.
+	  return {
+	    name, value, ...parseUnparsedAttributes(unparsedAttributes)
+	  }
+	}
+
+	/**
+	 * Parses the remaining attributes of a set-cookie header
+	 * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4
+	 * @param {string} unparsedAttributes
+	 * @param {[Object.<string, unknown>]={}} cookieAttributeList
+	 */
+	function parseUnparsedAttributes (unparsedAttributes, cookieAttributeList = {}) {
+	  // 1. If the unparsed-attributes string is empty, skip the rest of
+	  //    these steps.
+	  if (unparsedAttributes.length === 0) {
+	    return cookieAttributeList
+	  }
+
+	  // 2. Discard the first character of the unparsed-attributes (which
+	  //    will be a %x3B (";") character).
+	  assert(unparsedAttributes[0] === ';');
+	  unparsedAttributes = unparsedAttributes.slice(1);
+
+	  let cookieAv = '';
+
+	  // 3. If the remaining unparsed-attributes contains a %x3B (";")
+	  //    character:
+	  if (unparsedAttributes.includes(';')) {
+	    // 1. Consume the characters of the unparsed-attributes up to, but
+	    //    not including, the first %x3B (";") character.
+	    cookieAv = collectASequenceOfCodePointsFast(
+	      ';',
+	      unparsedAttributes,
+	      { position: 0 }
+	    );
+	    unparsedAttributes = unparsedAttributes.slice(cookieAv.length);
+	  } else {
+	    // Otherwise:
+
+	    // 1. Consume the remainder of the unparsed-attributes.
+	    cookieAv = unparsedAttributes;
+	    unparsedAttributes = '';
+	  }
+
+	  // Let the cookie-av string be the characters consumed in this step.
+
+	  let attributeName = '';
+	  let attributeValue = '';
+
+	  // 4. If the cookie-av string contains a %x3D ("=") character:
+	  if (cookieAv.includes('=')) {
+	    // 1. The (possibly empty) attribute-name string consists of the
+	    //    characters up to, but not including, the first %x3D ("=")
+	    //    character, and the (possibly empty) attribute-value string
+	    //    consists of the characters after the first %x3D ("=")
+	    //    character.
+	    const position = { position: 0 };
+
+	    attributeName = collectASequenceOfCodePointsFast(
+	      '=',
+	      cookieAv,
+	      position
+	    );
+	    attributeValue = cookieAv.slice(position.position + 1);
+	  } else {
+	    // Otherwise:
+
+	    // 1. The attribute-name string consists of the entire cookie-av
+	    //    string, and the attribute-value string is empty.
+	    attributeName = cookieAv;
+	  }
+
+	  // 5. Remove any leading or trailing WSP characters from the attribute-
+	  //    name string and the attribute-value string.
+	  attributeName = attributeName.trim();
+	  attributeValue = attributeValue.trim();
+
+	  // 6. If the attribute-value is longer than 1024 octets, ignore the
+	  //    cookie-av string and return to Step 1 of this algorithm.
+	  if (attributeValue.length > maxAttributeValueSize) {
+	    return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
+	  }
+
+	  // 7. Process the attribute-name and attribute-value according to the
+	  //    requirements in the following subsections.  (Notice that
+	  //    attributes with unrecognized attribute-names are ignored.)
+	  const attributeNameLowercase = attributeName.toLowerCase();
+
+	  // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.1
+	  // If the attribute-name case-insensitively matches the string
+	  // "Expires", the user agent MUST process the cookie-av as follows.
+	  if (attributeNameLowercase === 'expires') {
+	    // 1. Let the expiry-time be the result of parsing the attribute-value
+	    //    as cookie-date (see Section 5.1.1).
+	    const expiryTime = new Date(attributeValue);
+
+	    // 2. If the attribute-value failed to parse as a cookie date, ignore
+	    //    the cookie-av.
+
+	    cookieAttributeList.expires = expiryTime;
+	  } else if (attributeNameLowercase === 'max-age') {
+	    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.2
+	    // If the attribute-name case-insensitively matches the string "Max-
+	    // Age", the user agent MUST process the cookie-av as follows.
+
+	    // 1. If the first character of the attribute-value is not a DIGIT or a
+	    //    "-" character, ignore the cookie-av.
+	    const charCode = attributeValue.charCodeAt(0);
+
+	    if ((charCode < 48 || charCode > 57) && attributeValue[0] !== '-') {
+	      return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
+	    }
+
+	    // 2. If the remainder of attribute-value contains a non-DIGIT
+	    //    character, ignore the cookie-av.
+	    if (!/^\d+$/.test(attributeValue)) {
+	      return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
+	    }
+
+	    // 3. Let delta-seconds be the attribute-value converted to an integer.
+	    const deltaSeconds = Number(attributeValue);
+
+	    // 4. Let cookie-age-limit be the maximum age of the cookie (which
+	    //    SHOULD be 400 days or less, see Section 4.1.2.2).
+
+	    // 5. Set delta-seconds to the smaller of its present value and cookie-
+	    //    age-limit.
+	    // deltaSeconds = Math.min(deltaSeconds * 1000, maxExpiresMs)
+
+	    // 6. If delta-seconds is less than or equal to zero (0), let expiry-
+	    //    time be the earliest representable date and time.  Otherwise, let
+	    //    the expiry-time be the current date and time plus delta-seconds
+	    //    seconds.
+	    // const expiryTime = deltaSeconds <= 0 ? Date.now() : Date.now() + deltaSeconds
+
+	    // 7. Append an attribute to the cookie-attribute-list with an
+	    //    attribute-name of Max-Age and an attribute-value of expiry-time.
+	    cookieAttributeList.maxAge = deltaSeconds;
+	  } else if (attributeNameLowercase === 'domain') {
+	    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.3
+	    // If the attribute-name case-insensitively matches the string "Domain",
+	    // the user agent MUST process the cookie-av as follows.
+
+	    // 1. Let cookie-domain be the attribute-value.
+	    let cookieDomain = attributeValue;
+
+	    // 2. If cookie-domain starts with %x2E ("."), let cookie-domain be
+	    //    cookie-domain without its leading %x2E (".").
+	    if (cookieDomain[0] === '.') {
+	      cookieDomain = cookieDomain.slice(1);
+	    }
+
+	    // 3. Convert the cookie-domain to lower case.
+	    cookieDomain = cookieDomain.toLowerCase();
+
+	    // 4. Append an attribute to the cookie-attribute-list with an
+	    //    attribute-name of Domain and an attribute-value of cookie-domain.
+	    cookieAttributeList.domain = cookieDomain;
+	  } else if (attributeNameLowercase === 'path') {
+	    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.4
+	    // If the attribute-name case-insensitively matches the string "Path",
+	    // the user agent MUST process the cookie-av as follows.
+
+	    // 1. If the attribute-value is empty or if the first character of the
+	    //    attribute-value is not %x2F ("/"):
+	    let cookiePath = '';
+	    if (attributeValue.length === 0 || attributeValue[0] !== '/') {
+	      // 1. Let cookie-path be the default-path.
+	      cookiePath = '/';
+	    } else {
+	      // Otherwise:
+
+	      // 1. Let cookie-path be the attribute-value.
+	      cookiePath = attributeValue;
+	    }
+
+	    // 2. Append an attribute to the cookie-attribute-list with an
+	    //    attribute-name of Path and an attribute-value of cookie-path.
+	    cookieAttributeList.path = cookiePath;
+	  } else if (attributeNameLowercase === 'secure') {
+	    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.5
+	    // If the attribute-name case-insensitively matches the string "Secure",
+	    // the user agent MUST append an attribute to the cookie-attribute-list
+	    // with an attribute-name of Secure and an empty attribute-value.
+
+	    cookieAttributeList.secure = true;
+	  } else if (attributeNameLowercase === 'httponly') {
+	    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.6
+	    // If the attribute-name case-insensitively matches the string
+	    // "HttpOnly", the user agent MUST append an attribute to the cookie-
+	    // attribute-list with an attribute-name of HttpOnly and an empty
+	    // attribute-value.
+
+	    cookieAttributeList.httpOnly = true;
+	  } else if (attributeNameLowercase === 'samesite') {
+	    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.7
+	    // If the attribute-name case-insensitively matches the string
+	    // "SameSite", the user agent MUST process the cookie-av as follows:
+
+	    // 1. Let enforcement be "Default".
+	    let enforcement = 'Default';
+
+	    const attributeValueLowercase = attributeValue.toLowerCase();
+	    // 2. If cookie-av's attribute-value is a case-insensitive match for
+	    //    "None", set enforcement to "None".
+	    if (attributeValueLowercase.includes('none')) {
+	      enforcement = 'None';
+	    }
+
+	    // 3. If cookie-av's attribute-value is a case-insensitive match for
+	    //    "Strict", set enforcement to "Strict".
+	    if (attributeValueLowercase.includes('strict')) {
+	      enforcement = 'Strict';
+	    }
+
+	    // 4. If cookie-av's attribute-value is a case-insensitive match for
+	    //    "Lax", set enforcement to "Lax".
+	    if (attributeValueLowercase.includes('lax')) {
+	      enforcement = 'Lax';
+	    }
+
+	    // 5. Append an attribute to the cookie-attribute-list with an
+	    //    attribute-name of "SameSite" and an attribute-value of
+	    //    enforcement.
+	    cookieAttributeList.sameSite = enforcement;
+	  } else {
+	    cookieAttributeList.unparsed ??= [];
+
+	    cookieAttributeList.unparsed.push(`${attributeName}=${attributeValue}`);
+	  }
+
+	  // 8. Return to Step 1 of this algorithm.
+	  return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
+	}
+
+	parse = {
+	  parseSetCookie,
+	  parseUnparsedAttributes
+	};
+	return parse;
+}
+
+exports.__require = requireParse;
+//# sourceMappingURL=parse.js.map

package/lib/cjs/__/undici/lib/cookies/parse.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse.js","sources":["../../../../../../../../node_modules/undici/lib/cookies/parse.js"],"sourcesContent":["'use strict'\n\nconst { maxNameValuePairSize, maxAttributeValueSize } = require('./constants')\nconst { isCTLExcludingHtab } = require('./util')\nconst { collectASequenceOfCodePointsFast } = require('../fetch/dataURL')\nconst assert = require('assert')\n\n/**\n * @description Parses the field-value attributes of a set-cookie header string.\n * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4\n * @param {string} header\n * @returns if the header is invalid, null will be returned\n */\nfunction parseSetCookie (header) {\n  // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F\n  //    character (CTL characters excluding HTAB): Abort these steps and\n  //    ignore the set-cookie-string entirely.\n  if (isCTLExcludingHtab(header)) {\n    return null\n  }\n\n  let nameValuePair = ''\n  let unparsedAttributes = ''\n  let name = ''\n  let value = ''\n\n  // 2. If the set-cookie-string contains a %x3B (\";\") character:\n  if (header.includes(';')) {\n    // 1. The name-value-pair string consists of the characters up to,\n    //    but not including, the first %x3B (\";\"), and the unparsed-\n    //    attributes consist of the remainder of the set-cookie-string\n    //    (including the %x3B (\";\") in question).\n    const position = { position: 0 }\n\n    nameValuePair = collectASequenceOfCodePointsFast(';', header, position)\n    unparsedAttributes = header.slice(position.position)\n  } else {\n    // Otherwise:\n\n    // 1. The name-value-pair string consists of all the characters\n    //    contained in the set-cookie-string, and the unparsed-\n    //    attributes is the empty string.\n    nameValuePair = header\n  }\n\n  // 3. If the name-value-pair string lacks a %x3D (\"=\") character, then\n  //    the name string is empty, and the value string is the value of\n  //    name-value-pair.\n  if (!nameValuePair.includes('=')) {\n    value = nameValuePair\n  } else {\n    //    Otherwise, the name string consists of the characters up to, but\n    //    not including, the first %x3D (\"=\") character, and the (possibly\n    //    empty) value string consists of the characters after the first\n    //    %x3D (\"=\") character.\n    const position = { position: 0 }\n    name = collectASequenceOfCodePointsFast(\n      '=',\n      nameValuePair,\n      position\n    )\n    value = nameValuePair.slice(position.position + 1)\n  }\n\n  // 4. Remove any leading or trailing WSP characters from the name\n  //    string and the value string.\n  name = name.trim()\n  value = value.trim()\n\n  // 5. If the sum of the lengths of the name string and the value string\n  //    is more than 4096 octets, abort these steps and ignore the set-\n  //    cookie-string entirely.\n  if (name.length + value.length > maxNameValuePairSize) {\n    return null\n  }\n\n  // 6. The cookie-name is the name string, and the cookie-value is the\n  //    value string.\n  return {\n    name, value, ...parseUnparsedAttributes(unparsedAttributes)\n  }\n}\n\n/**\n * Parses the remaining attributes of a set-cookie header\n * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4\n * @param {string} unparsedAttributes\n * @param {[Object.<string, unknown>]={}} cookieAttributeList\n */\nfunction parseUnparsedAttributes (unparsedAttributes, cookieAttributeList = {}) {\n  // 1. If the unparsed-attributes string is empty, skip the rest of\n  //    these steps.\n  if (unparsedAttributes.length === 0) {\n    return cookieAttributeList\n  }\n\n  // 2. Discard the first character of the unparsed-attributes (which\n  //    will be a %x3B (\";\") character).\n  assert(unparsedAttributes[0] === ';')\n  unparsedAttributes = unparsedAttributes.slice(1)\n\n  let cookieAv = ''\n\n  // 3. If the remaining unparsed-attributes contains a %x3B (\";\")\n  //    character:\n  if (unparsedAttributes.includes(';')) {\n    // 1. Consume the characters of the unparsed-attributes up to, but\n    //    not including, the first %x3B (\";\") character.\n    cookieAv = collectASequenceOfCodePointsFast(\n      ';',\n      unparsedAttributes,\n      { position: 0 }\n    )\n    unparsedAttributes = unparsedAttributes.slice(cookieAv.length)\n  } else {\n    // Otherwise:\n\n    // 1. Consume the remainder of the unparsed-attributes.\n    cookieAv = unparsedAttributes\n    unparsedAttributes = ''\n  }\n\n  // Let the cookie-av string be the characters consumed in this step.\n\n  let attributeName = ''\n  let attributeValue = ''\n\n  // 4. If the cookie-av string contains a %x3D (\"=\") character:\n  if (cookieAv.includes('=')) {\n    // 1. The (possibly empty) attribute-name string consists of the\n    //    characters up to, but not including, the first %x3D (\"=\")\n    //    character, and the (possibly empty) attribute-value string\n    //    consists of the characters after the first %x3D (\"=\")\n    //    character.\n    const position = { position: 0 }\n\n    attributeName = collectASequenceOfCodePointsFast(\n      '=',\n      cookieAv,\n      position\n    )\n    attributeValue = cookieAv.slice(position.position + 1)\n  } else {\n    // Otherwise:\n\n    // 1. The attribute-name string consists of the entire cookie-av\n    //    string, and the attribute-value string is empty.\n    attributeName = cookieAv\n  }\n\n  // 5. Remove any leading or trailing WSP characters from the attribute-\n  //    name string and the attribute-value string.\n  attributeName = attributeName.trim()\n  attributeValue = attributeValue.trim()\n\n  // 6. If the attribute-value is longer than 1024 octets, ignore the\n  //    cookie-av string and return to Step 1 of this algorithm.\n  if (attributeValue.length > maxAttributeValueSize) {\n    return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n  }\n\n  // 7. Process the attribute-name and attribute-value according to the\n  //    requirements in the following subsections.  (Notice that\n  //    attributes with unrecognized attribute-names are ignored.)\n  const attributeNameLowercase = attributeName.toLowerCase()\n\n  // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.1\n  // If the attribute-name case-insensitively matches the string\n  // \"Expires\", the user agent MUST process the cookie-av as follows.\n  if (attributeNameLowercase === 'expires') {\n    // 1. Let the expiry-time be the result of parsing the attribute-value\n    //    as cookie-date (see Section 5.1.1).\n    const expiryTime = new Date(attributeValue)\n\n    // 2. If the attribute-value failed to parse as a cookie date, ignore\n    //    the cookie-av.\n\n    cookieAttributeList.expires = expiryTime\n  } else if (attributeNameLowercase === 'max-age') {\n    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.2\n    // If the attribute-name case-insensitively matches the string \"Max-\n    // Age\", the user agent MUST process the cookie-av as follows.\n\n    // 1. If the first character of the attribute-value is not a DIGIT or a\n    //    \"-\" character, ignore the cookie-av.\n    const charCode = attributeValue.charCodeAt(0)\n\n    if ((charCode < 48 || charCode > 57) && attributeValue[0] !== '-') {\n      return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n    }\n\n    // 2. If the remainder of attribute-value contains a non-DIGIT\n    //    character, ignore the cookie-av.\n    if (!/^\\d+$/.test(attributeValue)) {\n      return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n    }\n\n    // 3. Let delta-seconds be the attribute-value converted to an integer.\n    const deltaSeconds = Number(attributeValue)\n\n    // 4. Let cookie-age-limit be the maximum age of the cookie (which\n    //    SHOULD be 400 days or less, see Section 4.1.2.2).\n\n    // 5. Set delta-seconds to the smaller of its present value and cookie-\n    //    age-limit.\n    // deltaSeconds = Math.min(deltaSeconds * 1000, maxExpiresMs)\n\n    // 6. If delta-seconds is less than or equal to zero (0), let expiry-\n    //    time be the earliest representable date and time.  Otherwise, let\n    //    the expiry-time be the current date and time plus delta-seconds\n    //    seconds.\n    // const expiryTime = deltaSeconds <= 0 ? Date.now() : Date.now() + deltaSeconds\n\n    // 7. Append an attribute to the cookie-attribute-list with an\n    //    attribute-name of Max-Age and an attribute-value of expiry-time.\n    cookieAttributeList.maxAge = deltaSeconds\n  } else if (attributeNameLowercase === 'domain') {\n    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.3\n    // If the attribute-name case-insensitively matches the string \"Domain\",\n    // the user agent MUST process the cookie-av as follows.\n\n    // 1. Let cookie-domain be the attribute-value.\n    let cookieDomain = attributeValue\n\n    // 2. If cookie-domain starts with %x2E (\".\"), let cookie-domain be\n    //    cookie-domain without its leading %x2E (\".\").\n    if (cookieDomain[0] === '.') {\n      cookieDomain = cookieDomain.slice(1)\n    }\n\n    // 3. Convert the cookie-domain to lower case.\n    cookieDomain = cookieDomain.toLowerCase()\n\n    // 4. Append an attribute to the cookie-attribute-list with an\n    //    attribute-name of Domain and an attribute-value of cookie-domain.\n    cookieAttributeList.domain = cookieDomain\n  } else if (attributeNameLowercase === 'path') {\n    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.4\n    // If the attribute-name case-insensitively matches the string \"Path\",\n    // the user agent MUST process the cookie-av as follows.\n\n    // 1. If the attribute-value is empty or if the first character of the\n    //    attribute-value is not %x2F (\"/\"):\n    let cookiePath = ''\n    if (attributeValue.length === 0 || attributeValue[0] !== '/') {\n      // 1. Let cookie-path be the default-path.\n      cookiePath = '/'\n    } else {\n      // Otherwise:\n\n      // 1. Let cookie-path be the attribute-value.\n      cookiePath = attributeValue\n    }\n\n    // 2. Append an attribute to the cookie-attribute-list with an\n    //    attribute-name of Path and an attribute-value of cookie-path.\n    cookieAttributeList.path = cookiePath\n  } else if (attributeNameLowercase === 'secure') {\n    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.5\n    // If the attribute-name case-insensitively matches the string \"Secure\",\n    // the user agent MUST append an attribute to the cookie-attribute-list\n    // with an attribute-name of Secure and an empty attribute-value.\n\n    cookieAttributeList.secure = true\n  } else if (attributeNameLowercase === 'httponly') {\n    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.6\n    // If the attribute-name case-insensitively matches the string\n    // \"HttpOnly\", the user agent MUST append an attribute to the cookie-\n    // attribute-list with an attribute-name of HttpOnly and an empty\n    // attribute-value.\n\n    cookieAttributeList.httpOnly = true\n  } else if (attributeNameLowercase === 'samesite') {\n    // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.7\n    // If the attribute-name case-insensitively matches the string\n    // \"SameSite\", the user agent MUST process the cookie-av as follows:\n\n    // 1. Let enforcement be \"Default\".\n    let enforcement = 'Default'\n\n    const attributeValueLowercase = attributeValue.toLowerCase()\n    // 2. If cookie-av's attribute-value is a case-insensitive match for\n    //    \"None\", set enforcement to \"None\".\n    if (attributeValueLowercase.includes('none')) {\n      enforcement = 'None'\n    }\n\n    // 3. If cookie-av's attribute-value is a case-insensitive match for\n    //    \"Strict\", set enforcement to \"Strict\".\n    if (attributeValueLowercase.includes('strict')) {\n      enforcement = 'Strict'\n    }\n\n    // 4. If cookie-av's attribute-value is a case-insensitive match for\n    //    \"Lax\", set enforcement to \"Lax\".\n    if (attributeValueLowercase.includes('lax')) {\n      enforcement = 'Lax'\n    }\n\n    // 5. Append an attribute to the cookie-attribute-list with an\n    //    attribute-name of \"SameSite\" and an attribute-value of\n    //    enforcement.\n    cookieAttributeList.sameSite = enforcement\n  } else {\n    cookieAttributeList.unparsed ??= []\n\n    cookieAttributeList.unparsed.push(`${attributeName}=${attributeValue}`)\n  }\n\n  // 8. Return to Step 1 of this algorithm.\n  return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)\n}\n\nmodule.exports = {\n  parseSetCookie,\n  parseUnparsedAttributes\n}\n"],"names":["require$$0","require$$1","require$$2","require$$3"],"mappings":";;;;;;;;;;;;;;;;;;AAEA,CAAA,MAAM,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,GAAGA,mBAAA;CACxD,MAAM,EAAE,kBAAkB,EAAE,GAAGC,cAAA;CAC/B,MAAM,EAAE,gCAAgC,EAAE,GAAGC,iBAAA;AAC7C,CAAA,MAAM,MAAM,GAAGC;;AAEf;AACA;AACA;AACA;AACA;AACA;CACA,SAAS,cAAc,EAAE,MAAM,EAAE;AACjC;AACA;AACA;AACA,GAAE,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE;AAClC,KAAI,OAAO;AACX,GAAA;;GAEE,IAAI,aAAa,GAAG;GACpB,IAAI,kBAAkB,GAAG;GACzB,IAAI,IAAI,GAAG;GACX,IAAI,KAAK,GAAG;;AAEd;AACA,GAAE,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAC5B;AACA;AACA;AACA;AACA,KAAI,MAAM,QAAQ,GAAG,EAAE,QAAQ,EAAE,CAAC;;KAE9B,aAAa,GAAG,gCAAgC,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ;KACtE,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ;AACvD,GAAA,CAAG,MAAM;AACT;;AAEA;AACA;AACA;AACA,KAAI,aAAa,GAAG;AACpB,GAAA;;AAEA;AACA;AACA;GACE,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AACpC,KAAI,KAAK,GAAG;AACZ,GAAA,CAAG,MAAM;AACT;AACA;AACA;AACA;AACA,KAAI,MAAM,QAAQ,GAAG,EAAE,QAAQ,EAAE,CAAC;KAC9B,IAAI,GAAG,gCAAgC;AAC3C,OAAM,GAAG;AACT,OAAM,aAAa;OACb;AACN;KACI,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,GAAG,CAAC;AACrD,GAAA;;AAEA;AACA;AACA,GAAE,IAAI,GAAG,IAAI,CAAC,IAAI;AAClB,GAAE,KAAK,GAAG,KAAK,CAAC,IAAI;;AAEpB;AACA;AACA;GACE,IAAI,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,oBAAoB,EAAE;AACzD,KAAI,OAAO;AACX,GAAA;;AAEA;AACA;AACA,GAAE,OAAO;AACT,KAAI,IAAI,EAAE,KAAK,EAAE,GAAG,uBAAuB,CAAC,kBAAkB;AAC9D;AACA,CAAA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA,CAAA,SAAS,uBAAuB,EAAE,kBAAkB,EAAE,mBAAmB,GAAG,EAAE,EAAE;AAChF;AACA;AACA,GAAE,IAAI,kBAAkB,CAAC,MAAM,KAAK,CAAC,EAAE;AACvC,KAAI,OAAO;AACX,GAAA;;AAEA;AACA;AACA,GAAE,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,KAAK,GAAG;AACtC,GAAE,kBAAkB,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;;GAE/C,IAAI,QAAQ,GAAG;;AAEjB;AACA;AACA,GAAE,IAAI,kBAAkB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AACxC;AACA;KACI,QAAQ,GAAG,gCAAgC;AAC/C,OAAM,GAAG;AACT,OAAM,kBAAkB;OAClB,EAAE,QAAQ,EAAE,CAAC;AACnB;KACI,kBAAkB,GAAG,kBAAkB,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM;AACjE,GAAA,CAAG,MAAM;AACT;;AAEA;AACA,KAAI,QAAQ,GAAG;AACf,KAAI,kBAAkB,GAAG;AACzB,GAAA;;AAEA;;GAEE,IAAI,aAAa,GAAG;GACpB,IAAI,cAAc,GAAG;;AAEvB;AACA,GAAE,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAC9B;AACA;AACA;AACA;AACA;AACA,KAAI,MAAM,QAAQ,GAAG,EAAE,QAAQ,EAAE,CAAC;;KAE9B,aAAa,GAAG,gCAAgC;AACpD,OAAM,GAAG;AACT,OAAM,QAAQ;OACR;AACN;KACI,cAAc,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,GAAG,CAAC;AACzD,GAAA,CAAG,MAAM;AACT;;AAEA;AACA;AACA,KAAI,aAAa,GAAG;AACpB,GAAA;;AAEA;AACA;AACA,GAAE,aAAa,GAAG,aAAa,CAAC,IAAI;AACpC,GAAE,cAAc,GAAG,cAAc,CAAC,IAAI;;AAEtC;AACA;AACA,GAAE,IAAI,cAAc,CAAC,MAAM,GAAG,qBAAqB,EAAE;AACrD,KAAI,OAAO,uBAAuB,CAAC,kBAAkB,EAAE,mBAAmB;AAC1E,GAAA;;AAEA;AACA;AACA;AACA,GAAE,MAAM,sBAAsB,GAAG,aAAa,CAAC,WAAW;;AAE1D;AACA;AACA;AACA,GAAE,IAAI,sBAAsB,KAAK,SAAS,EAAE;AAC5C;AACA;AACA,KAAI,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,cAAc;;AAE9C;AACA;;KAEI,mBAAmB,CAAC,OAAO,GAAG;AAClC,GAAA,CAAG,MAAM,IAAI,sBAAsB,KAAK,SAAS,EAAE;AACnD;AACA;AACA;;AAEA;AACA;AACA,KAAI,MAAM,QAAQ,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;;AAEhD,KAAI,IAAI,CAAC,QAAQ,GAAG,EAAE,IAAI,QAAQ,GAAG,EAAE,KAAK,cAAc,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;AACvE,OAAM,OAAO,uBAAuB,CAAC,kBAAkB,EAAE,mBAAmB;AAC5E,KAAA;;AAEA;AACA;KACI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE;AACvC,OAAM,OAAO,uBAAuB,CAAC,kBAAkB,EAAE,mBAAmB;AAC5E,KAAA;;AAEA;AACA,KAAI,MAAM,YAAY,GAAG,MAAM,CAAC,cAAc;;AAE9C;AACA;;AAEA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;;AAEA;AACA;KACI,mBAAmB,CAAC,MAAM,GAAG;AACjC,GAAA,CAAG,MAAM,IAAI,sBAAsB,KAAK,QAAQ,EAAE;AAClD;AACA;AACA;;AAEA;KACI,IAAI,YAAY,GAAG;;AAEvB;AACA;AACA,KAAI,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;AACjC,OAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;AACzC,KAAA;;AAEA;AACA,KAAI,YAAY,GAAG,YAAY,CAAC,WAAW;;AAE3C;AACA;KACI,mBAAmB,CAAC,MAAM,GAAG;AACjC,GAAA,CAAG,MAAM,IAAI,sBAAsB,KAAK,MAAM,EAAE;AAChD;AACA;AACA;;AAEA;AACA;KACI,IAAI,UAAU,GAAG;AACrB,KAAI,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,IAAI,cAAc,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;AAClE;AACA,OAAM,UAAU,GAAG;AACnB,KAAA,CAAK,MAAM;AACX;;AAEA;AACA,OAAM,UAAU,GAAG;AACnB,KAAA;;AAEA;AACA;KACI,mBAAmB,CAAC,IAAI,GAAG;AAC/B,GAAA,CAAG,MAAM,IAAI,sBAAsB,KAAK,QAAQ,EAAE;AAClD;AACA;AACA;AACA;;KAEI,mBAAmB,CAAC,MAAM,GAAG;AACjC,GAAA,CAAG,MAAM,IAAI,sBAAsB,KAAK,UAAU,EAAE;AACpD;AACA;AACA;AACA;AACA;;KAEI,mBAAmB,CAAC,QAAQ,GAAG;AACnC,GAAA,CAAG,MAAM,IAAI,sBAAsB,KAAK,UAAU,EAAE;AACpD;AACA;AACA;;AAEA;KACI,IAAI,WAAW,GAAG;;AAEtB,KAAI,MAAM,uBAAuB,GAAG,cAAc,CAAC,WAAW;AAC9D;AACA;AACA,KAAI,IAAI,uBAAuB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;AAClD,OAAM,WAAW,GAAG;AACpB,KAAA;;AAEA;AACA;AACA,KAAI,IAAI,uBAAuB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;AACpD,OAAM,WAAW,GAAG;AACpB,KAAA;;AAEA;AACA;AACA,KAAI,IAAI,uBAAuB,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;AACjD,OAAM,WAAW,GAAG;AACpB,KAAA;;AAEA;AACA;AACA;KACI,mBAAmB,CAAC,QAAQ,GAAG;AACnC,GAAA,CAAG,MAAM;KACL,mBAAmB,CAAC,QAAQ,KAAK;;AAErC,KAAI,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;AAC1E,GAAA;;AAEA;AACA,GAAE,OAAO,uBAAuB,CAAC,kBAAkB,EAAE,mBAAmB;AACxE,CAAA;;AAEA,CAAA,KAAc,GAAG;AACjB,GAAE,cAAc;GACd;AACF;;;;;;","x_google_ignoreList":[0]}

package/lib/cjs/__/undici/lib/cookies/util.js

@@ -0,0 +1,286 @@
+'use strict';
+
+var util;
+var hasRequiredUtil;
+
+function requireUtil () {
+	if (hasRequiredUtil) return util;
+	hasRequiredUtil = 1;
+
+	/**
+	 * @param {string} value
+	 * @returns {boolean}
+	 */
+	function isCTLExcludingHtab (value) {
+	  if (value.length === 0) {
+	    return false
+	  }
+
+	  for (const char of value) {
+	    const code = char.charCodeAt(0);
+
+	    if (
+	      (code >= 0x00 || code <= 0x08) ||
+	      (code >= 0x0A || code <= 0x1F) ||
+	      code === 0x7F
+	    ) {
+	      return false
+	    }
+	  }
+	}
+
+	/**
+	 CHAR           = <any US-ASCII character (octets 0 - 127)>
+	 token          = 1*<any CHAR except CTLs or separators>
+	 separators     = "(" | ")" | "<" | ">" | "@"
+	                | "," | ";" | ":" | "\" | <">
+	                | "/" | "[" | "]" | "?" | "="
+	                | "{" | "}" | SP | HT
+	 * @param {string} name
+	 */
+	function validateCookieName (name) {
+	  for (const char of name) {
+	    const code = char.charCodeAt(0);
+
+	    if (
+	      (code <= 0x20 || code > 0x7F) ||
+	      char === '(' ||
+	      char === ')' ||
+	      char === '>' ||
+	      char === '<' ||
+	      char === '@' ||
+	      char === ',' ||
+	      char === ';' ||
+	      char === ':' ||
+	      char === '\\' ||
+	      char === '"' ||
+	      char === '/' ||
+	      char === '[' ||
+	      char === ']' ||
+	      char === '?' ||
+	      char === '=' ||
+	      char === '{' ||
+	      char === '}'
+	    ) {
+	      throw new Error('Invalid cookie name')
+	    }
+	  }
+	}
+
+	/**
+	 cookie-value      = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
+	 cookie-octet      = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
+	                       ; US-ASCII characters excluding CTLs,
+	                       ; whitespace DQUOTE, comma, semicolon,
+	                       ; and backslash
+	 * @param {string} value
+	 */
+	function validateCookieValue (value) {
+	  for (const char of value) {
+	    const code = char.charCodeAt(0);
+
+	    if (
+	      code < 0x21 || // exclude CTLs (0-31)
+	      code === 0x22 ||
+	      code === 0x2C ||
+	      code === 0x3B ||
+	      code === 0x5C ||
+	      code > 0x7E // non-ascii
+	    ) {
+	      throw new Error('Invalid header value')
+	    }
+	  }
+	}
+
+	/**
+	 * path-value        = <any CHAR except CTLs or ";">
+	 * @param {string} path
+	 */
+	function validateCookiePath (path) {
+	  for (const char of path) {
+	    const code = char.charCodeAt(0);
+
+	    if (code < 0x21 || char === ';') {
+	      throw new Error('Invalid cookie path')
+	    }
+	  }
+	}
+
+	/**
+	 * I have no idea why these values aren't allowed to be honest,
+	 * but Deno tests these. - Khafra
+	 * @param {string} domain
+	 */
+	function validateCookieDomain (domain) {
+	  if (
+	    domain.startsWith('-') ||
+	    domain.endsWith('.') ||
+	    domain.endsWith('-')
+	  ) {
+	    throw new Error('Invalid cookie domain')
+	  }
+	}
+
+	/**
+	 * @see https://www.rfc-editor.org/rfc/rfc7231#section-7.1.1.1
+	 * @param {number|Date} date
+	  IMF-fixdate  = day-name "," SP date1 SP time-of-day SP GMT
+	  ; fixed length/zone/capitalization subset of the format
+	  ; see Section 3.3 of [RFC5322]
+
+	  day-name     = %x4D.6F.6E ; "Mon", case-sensitive
+	              / %x54.75.65 ; "Tue", case-sensitive
+	              / %x57.65.64 ; "Wed", case-sensitive
+	              / %x54.68.75 ; "Thu", case-sensitive
+	              / %x46.72.69 ; "Fri", case-sensitive
+	              / %x53.61.74 ; "Sat", case-sensitive
+	              / %x53.75.6E ; "Sun", case-sensitive
+	  date1        = day SP month SP year
+	                  ; e.g., 02 Jun 1982
+
+	  day          = 2DIGIT
+	  month        = %x4A.61.6E ; "Jan", case-sensitive
+	              / %x46.65.62 ; "Feb", case-sensitive
+	              / %x4D.61.72 ; "Mar", case-sensitive
+	              / %x41.70.72 ; "Apr", case-sensitive
+	              / %x4D.61.79 ; "May", case-sensitive
+	              / %x4A.75.6E ; "Jun", case-sensitive
+	              / %x4A.75.6C ; "Jul", case-sensitive
+	              / %x41.75.67 ; "Aug", case-sensitive
+	              / %x53.65.70 ; "Sep", case-sensitive
+	              / %x4F.63.74 ; "Oct", case-sensitive
+	              / %x4E.6F.76 ; "Nov", case-sensitive
+	              / %x44.65.63 ; "Dec", case-sensitive
+	  year         = 4DIGIT
+
+	  GMT          = %x47.4D.54 ; "GMT", case-sensitive
+
+	  time-of-day  = hour ":" minute ":" second
+	              ; 00:00:00 - 23:59:60 (leap second)
+
+	  hour         = 2DIGIT
+	  minute       = 2DIGIT
+	  second       = 2DIGIT
+	 */
+	function toIMFDate (date) {
+	  if (typeof date === 'number') {
+	    date = new Date(date);
+	  }
+
+	  const days = [
+	    'Sun', 'Mon', 'Tue', 'Wed',
+	    'Thu', 'Fri', 'Sat'
+	  ];
+
+	  const months = [
+	    'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
+	    'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'
+	  ];
+
+	  const dayName = days[date.getUTCDay()];
+	  const day = date.getUTCDate().toString().padStart(2, '0');
+	  const month = months[date.getUTCMonth()];
+	  const year = date.getUTCFullYear();
+	  const hour = date.getUTCHours().toString().padStart(2, '0');
+	  const minute = date.getUTCMinutes().toString().padStart(2, '0');
+	  const second = date.getUTCSeconds().toString().padStart(2, '0');
+
+	  return `${dayName}, ${day} ${month} ${year} ${hour}:${minute}:${second} GMT`
+	}
+
+	/**
+	 max-age-av        = "Max-Age=" non-zero-digit *DIGIT
+	                       ; In practice, both expires-av and max-age-av
+	                       ; are limited to dates representable by the
+	                       ; user agent.
+	 * @param {number} maxAge
+	 */
+	function validateCookieMaxAge (maxAge) {
+	  if (maxAge < 0) {
+	    throw new Error('Invalid cookie max-age')
+	  }
+	}
+
+	/**
+	 * @see https://www.rfc-editor.org/rfc/rfc6265#section-4.1.1
+	 * @param {import('./index').Cookie} cookie
+	 */
+	function stringify (cookie) {
+	  if (cookie.name.length === 0) {
+	    return null
+	  }
+
+	  validateCookieName(cookie.name);
+	  validateCookieValue(cookie.value);
+
+	  const out = [`${cookie.name}=${cookie.value}`];
+
+	  // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1
+	  // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2
+	  if (cookie.name.startsWith('__Secure-')) {
+	    cookie.secure = true;
+	  }
+
+	  if (cookie.name.startsWith('__Host-')) {
+	    cookie.secure = true;
+	    cookie.domain = null;
+	    cookie.path = '/';
+	  }
+
+	  if (cookie.secure) {
+	    out.push('Secure');
+	  }
+
+	  if (cookie.httpOnly) {
+	    out.push('HttpOnly');
+	  }
+
+	  if (typeof cookie.maxAge === 'number') {
+	    validateCookieMaxAge(cookie.maxAge);
+	    out.push(`Max-Age=${cookie.maxAge}`);
+	  }
+
+	  if (cookie.domain) {
+	    validateCookieDomain(cookie.domain);
+	    out.push(`Domain=${cookie.domain}`);
+	  }
+
+	  if (cookie.path) {
+	    validateCookiePath(cookie.path);
+	    out.push(`Path=${cookie.path}`);
+	  }
+
+	  if (cookie.expires && cookie.expires.toString() !== 'Invalid Date') {
+	    out.push(`Expires=${toIMFDate(cookie.expires)}`);
+	  }
+
+	  if (cookie.sameSite) {
+	    out.push(`SameSite=${cookie.sameSite}`);
+	  }
+
+	  for (const part of cookie.unparsed) {
+	    if (!part.includes('=')) {
+	      throw new Error('Invalid unparsed')
+	    }
+
+	    const [key, ...value] = part.split('=');
+
+	    out.push(`${key.trim()}=${value.join('=')}`);
+	  }
+
+	  return out.join('; ')
+	}
+
+	util = {
+	  isCTLExcludingHtab,
+	  validateCookieName,
+	  validateCookiePath,
+	  validateCookieValue,
+	  toIMFDate,
+	  stringify
+	};
+	return util;
+}
+
+exports.__require = requireUtil;
+//# sourceMappingURL=util.js.map