pi-cursor-sdk 0.1.50 → 0.1.52

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (279) hide show
  1. package/CHANGELOG.md +31 -0
  2. package/README.md +1 -1
  3. package/docs/cursor-live-smoke-checklist.md +4 -4
  4. package/docs/cursor-model-ux-spec.md +5 -5
  5. package/docs/cursor-native-tool-replay.md +2 -2
  6. package/docs/cursor-native-tool-visual-audit.md +1 -1
  7. package/docs/cursor-testing-lessons.md +1 -1
  8. package/package.json +3 -12
  9. package/src/cursor-fallback-models.generated.ts +536 -302
  10. package/src/cursor-provider-errors.ts +29 -0
  11. package/src/cursor-provider-turn-runner.ts +1 -1
  12. package/src/cursor-provider.ts +9 -2
  13. package/src/cursor-session-turn-queue.ts +52 -0
  14. package/src/cursor-tool-manifest.ts +1 -1
  15. package/node_modules/@connectrpc/connect-node/README.md +0 -141
  16. package/node_modules/@connectrpc/connect-node/dist/cjs/compression.d.ts +0 -15
  17. package/node_modules/@connectrpc/connect-node/dist/cjs/compression.js +0 -89
  18. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-node-adapter.d.ts +0 -42
  19. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-node-adapter.js +0 -61
  20. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-transport.d.ts +0 -100
  21. package/node_modules/@connectrpc/connect-node/dist/cjs/connect-transport.js +0 -25
  22. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-transport.d.ts +0 -96
  23. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-transport.js +0 -25
  24. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-web-transport.d.ts +0 -96
  25. package/node_modules/@connectrpc/connect-node/dist/cjs/grpc-web-transport.js +0 -25
  26. package/node_modules/@connectrpc/connect-node/dist/cjs/http2-session-manager.d.ts +0 -146
  27. package/node_modules/@connectrpc/connect-node/dist/cjs/http2-session-manager.js +0 -536
  28. package/node_modules/@connectrpc/connect-node/dist/cjs/index.d.ts +0 -15
  29. package/node_modules/@connectrpc/connect-node/dist/cjs/index.js +0 -36
  30. package/node_modules/@connectrpc/connect-node/dist/cjs/node-error.d.ts +0 -45
  31. package/node_modules/@connectrpc/connect-node/dist/cjs/node-error.js +0 -154
  32. package/node_modules/@connectrpc/connect-node/dist/cjs/node-headers-polyfill.d.ts +0 -1
  33. package/node_modules/@connectrpc/connect-node/dist/cjs/node-headers-polyfill.js +0 -29
  34. package/node_modules/@connectrpc/connect-node/dist/cjs/node-transport-options.d.ts +0 -89
  35. package/node_modules/@connectrpc/connect-node/dist/cjs/node-transport-options.js +0 -58
  36. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-client.d.ts +0 -54
  37. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-client.js +0 -326
  38. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-handler.d.ts +0 -41
  39. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-handler.js +0 -234
  40. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-header.d.ts +0 -19
  41. package/node_modules/@connectrpc/connect-node/dist/cjs/node-universal-header.js +0 -97
  42. package/node_modules/@connectrpc/connect-node/dist/cjs/package.json +0 -1
  43. package/node_modules/@connectrpc/connect-node/dist/esm/compression.d.ts +0 -15
  44. package/node_modules/@connectrpc/connect-node/dist/esm/compression.js +0 -86
  45. package/node_modules/@connectrpc/connect-node/dist/esm/connect-node-adapter.d.ts +0 -42
  46. package/node_modules/@connectrpc/connect-node/dist/esm/connect-node-adapter.js +0 -58
  47. package/node_modules/@connectrpc/connect-node/dist/esm/connect-transport.d.ts +0 -100
  48. package/node_modules/@connectrpc/connect-node/dist/esm/connect-transport.js +0 -22
  49. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-transport.d.ts +0 -96
  50. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-transport.js +0 -22
  51. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-web-transport.d.ts +0 -96
  52. package/node_modules/@connectrpc/connect-node/dist/esm/grpc-web-transport.js +0 -22
  53. package/node_modules/@connectrpc/connect-node/dist/esm/http2-session-manager.d.ts +0 -146
  54. package/node_modules/@connectrpc/connect-node/dist/esm/http2-session-manager.js +0 -532
  55. package/node_modules/@connectrpc/connect-node/dist/esm/index.d.ts +0 -15
  56. package/node_modules/@connectrpc/connect-node/dist/esm/index.js +0 -23
  57. package/node_modules/@connectrpc/connect-node/dist/esm/node-error.d.ts +0 -45
  58. package/node_modules/@connectrpc/connect-node/dist/esm/node-error.js +0 -147
  59. package/node_modules/@connectrpc/connect-node/dist/esm/node-headers-polyfill.d.ts +0 -1
  60. package/node_modules/@connectrpc/connect-node/dist/esm/node-headers-polyfill.js +0 -27
  61. package/node_modules/@connectrpc/connect-node/dist/esm/node-transport-options.d.ts +0 -89
  62. package/node_modules/@connectrpc/connect-node/dist/esm/node-transport-options.js +0 -58
  63. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-client.d.ts +0 -54
  64. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-client.js +0 -324
  65. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-handler.d.ts +0 -41
  66. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-handler.js +0 -230
  67. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-header.d.ts +0 -19
  68. package/node_modules/@connectrpc/connect-node/dist/esm/node-universal-header.js +0 -93
  69. package/node_modules/@connectrpc/connect-node/package.json +0 -46
  70. package/node_modules/undici/LICENSE +0 -21
  71. package/node_modules/undici/README.md +0 -741
  72. package/node_modules/undici/docs/docs/api/Agent.md +0 -84
  73. package/node_modules/undici/docs/docs/api/BalancedPool.md +0 -99
  74. package/node_modules/undici/docs/docs/api/CacheStorage.md +0 -30
  75. package/node_modules/undici/docs/docs/api/CacheStore.md +0 -164
  76. package/node_modules/undici/docs/docs/api/Client.md +0 -288
  77. package/node_modules/undici/docs/docs/api/ClientStats.md +0 -27
  78. package/node_modules/undici/docs/docs/api/Connector.md +0 -115
  79. package/node_modules/undici/docs/docs/api/ContentType.md +0 -57
  80. package/node_modules/undici/docs/docs/api/Cookies.md +0 -128
  81. package/node_modules/undici/docs/docs/api/Debug.md +0 -62
  82. package/node_modules/undici/docs/docs/api/DiagnosticsChannel.md +0 -315
  83. package/node_modules/undici/docs/docs/api/Dispatcher.md +0 -1392
  84. package/node_modules/undici/docs/docs/api/EnvHttpProxyAgent.md +0 -159
  85. package/node_modules/undici/docs/docs/api/Errors.md +0 -49
  86. package/node_modules/undici/docs/docs/api/EventSource.md +0 -45
  87. package/node_modules/undici/docs/docs/api/Fetch.md +0 -60
  88. package/node_modules/undici/docs/docs/api/GlobalInstallation.md +0 -139
  89. package/node_modules/undici/docs/docs/api/H2CClient.md +0 -263
  90. package/node_modules/undici/docs/docs/api/MockAgent.md +0 -603
  91. package/node_modules/undici/docs/docs/api/MockCallHistory.md +0 -197
  92. package/node_modules/undici/docs/docs/api/MockCallHistoryLog.md +0 -43
  93. package/node_modules/undici/docs/docs/api/MockClient.md +0 -81
  94. package/node_modules/undici/docs/docs/api/MockErrors.md +0 -12
  95. package/node_modules/undici/docs/docs/api/MockPool.md +0 -555
  96. package/node_modules/undici/docs/docs/api/Pool.md +0 -84
  97. package/node_modules/undici/docs/docs/api/PoolStats.md +0 -35
  98. package/node_modules/undici/docs/docs/api/ProxyAgent.md +0 -229
  99. package/node_modules/undici/docs/docs/api/RedirectHandler.md +0 -93
  100. package/node_modules/undici/docs/docs/api/RetryAgent.md +0 -50
  101. package/node_modules/undici/docs/docs/api/RetryHandler.md +0 -118
  102. package/node_modules/undici/docs/docs/api/RoundRobinPool.md +0 -145
  103. package/node_modules/undici/docs/docs/api/SnapshotAgent.md +0 -616
  104. package/node_modules/undici/docs/docs/api/Socks5ProxyAgent.md +0 -275
  105. package/node_modules/undici/docs/docs/api/Util.md +0 -25
  106. package/node_modules/undici/docs/docs/api/WebSocket.md +0 -141
  107. package/node_modules/undici/docs/docs/api/api-lifecycle.md +0 -91
  108. package/node_modules/undici/docs/docs/best-practices/client-certificate.md +0 -64
  109. package/node_modules/undici/docs/docs/best-practices/crawling.md +0 -58
  110. package/node_modules/undici/docs/docs/best-practices/mocking-request.md +0 -190
  111. package/node_modules/undici/docs/docs/best-practices/proxy.md +0 -127
  112. package/node_modules/undici/docs/docs/best-practices/undici-vs-builtin-fetch.md +0 -224
  113. package/node_modules/undici/docs/docs/best-practices/writing-tests.md +0 -63
  114. package/node_modules/undici/index-fetch.js +0 -65
  115. package/node_modules/undici/index.d.ts +0 -3
  116. package/node_modules/undici/index.js +0 -234
  117. package/node_modules/undici/lib/api/abort-signal.js +0 -59
  118. package/node_modules/undici/lib/api/api-connect.js +0 -110
  119. package/node_modules/undici/lib/api/api-pipeline.js +0 -252
  120. package/node_modules/undici/lib/api/api-request.js +0 -214
  121. package/node_modules/undici/lib/api/api-stream.js +0 -209
  122. package/node_modules/undici/lib/api/api-upgrade.js +0 -111
  123. package/node_modules/undici/lib/api/index.js +0 -7
  124. package/node_modules/undici/lib/api/readable.js +0 -580
  125. package/node_modules/undici/lib/cache/memory-cache-store.js +0 -234
  126. package/node_modules/undici/lib/cache/sqlite-cache-store.js +0 -461
  127. package/node_modules/undici/lib/core/connect.js +0 -153
  128. package/node_modules/undici/lib/core/constants.js +0 -143
  129. package/node_modules/undici/lib/core/diagnostics.js +0 -227
  130. package/node_modules/undici/lib/core/errors.js +0 -477
  131. package/node_modules/undici/lib/core/request.js +0 -453
  132. package/node_modules/undici/lib/core/socks5-client.js +0 -422
  133. package/node_modules/undici/lib/core/socks5-utils.js +0 -212
  134. package/node_modules/undici/lib/core/symbols.js +0 -75
  135. package/node_modules/undici/lib/core/tree.js +0 -160
  136. package/node_modules/undici/lib/core/util.js +0 -992
  137. package/node_modules/undici/lib/dispatcher/agent.js +0 -158
  138. package/node_modules/undici/lib/dispatcher/balanced-pool.js +0 -219
  139. package/node_modules/undici/lib/dispatcher/client-h1.js +0 -1722
  140. package/node_modules/undici/lib/dispatcher/client-h2.js +0 -995
  141. package/node_modules/undici/lib/dispatcher/client.js +0 -664
  142. package/node_modules/undici/lib/dispatcher/dispatcher-base.js +0 -184
  143. package/node_modules/undici/lib/dispatcher/dispatcher.js +0 -48
  144. package/node_modules/undici/lib/dispatcher/env-http-proxy-agent.js +0 -146
  145. package/node_modules/undici/lib/dispatcher/fixed-queue.js +0 -135
  146. package/node_modules/undici/lib/dispatcher/h2c-client.js +0 -51
  147. package/node_modules/undici/lib/dispatcher/pool-base.js +0 -214
  148. package/node_modules/undici/lib/dispatcher/pool.js +0 -118
  149. package/node_modules/undici/lib/dispatcher/proxy-agent.js +0 -319
  150. package/node_modules/undici/lib/dispatcher/retry-agent.js +0 -35
  151. package/node_modules/undici/lib/dispatcher/round-robin-pool.js +0 -137
  152. package/node_modules/undici/lib/dispatcher/socks5-proxy-agent.js +0 -260
  153. package/node_modules/undici/lib/encoding/index.js +0 -33
  154. package/node_modules/undici/lib/global.js +0 -59
  155. package/node_modules/undici/lib/handler/cache-handler.js +0 -578
  156. package/node_modules/undici/lib/handler/cache-revalidation-handler.js +0 -124
  157. package/node_modules/undici/lib/handler/decorator-handler.js +0 -67
  158. package/node_modules/undici/lib/handler/deduplication-handler.js +0 -460
  159. package/node_modules/undici/lib/handler/redirect-handler.js +0 -238
  160. package/node_modules/undici/lib/handler/retry-handler.js +0 -394
  161. package/node_modules/undici/lib/handler/unwrap-handler.js +0 -106
  162. package/node_modules/undici/lib/handler/wrap-handler.js +0 -105
  163. package/node_modules/undici/lib/interceptor/cache.js +0 -495
  164. package/node_modules/undici/lib/interceptor/decompress.js +0 -259
  165. package/node_modules/undici/lib/interceptor/deduplicate.js +0 -117
  166. package/node_modules/undici/lib/interceptor/dns.js +0 -571
  167. package/node_modules/undici/lib/interceptor/dump.js +0 -112
  168. package/node_modules/undici/lib/interceptor/redirect.js +0 -21
  169. package/node_modules/undici/lib/interceptor/response-error.js +0 -95
  170. package/node_modules/undici/lib/interceptor/retry.js +0 -19
  171. package/node_modules/undici/lib/llhttp/.gitkeep +0 -0
  172. package/node_modules/undici/lib/llhttp/constants.d.ts +0 -195
  173. package/node_modules/undici/lib/llhttp/constants.js +0 -531
  174. package/node_modules/undici/lib/llhttp/llhttp-wasm.js +0 -15
  175. package/node_modules/undici/lib/llhttp/llhttp_simd-wasm.js +0 -15
  176. package/node_modules/undici/lib/llhttp/utils.d.ts +0 -2
  177. package/node_modules/undici/lib/llhttp/utils.js +0 -12
  178. package/node_modules/undici/lib/mock/mock-agent.js +0 -232
  179. package/node_modules/undici/lib/mock/mock-call-history.js +0 -248
  180. package/node_modules/undici/lib/mock/mock-client.js +0 -68
  181. package/node_modules/undici/lib/mock/mock-errors.js +0 -29
  182. package/node_modules/undici/lib/mock/mock-interceptor.js +0 -209
  183. package/node_modules/undici/lib/mock/mock-pool.js +0 -68
  184. package/node_modules/undici/lib/mock/mock-symbols.js +0 -32
  185. package/node_modules/undici/lib/mock/mock-utils.js +0 -486
  186. package/node_modules/undici/lib/mock/pending-interceptors-formatter.js +0 -43
  187. package/node_modules/undici/lib/mock/snapshot-agent.js +0 -353
  188. package/node_modules/undici/lib/mock/snapshot-recorder.js +0 -588
  189. package/node_modules/undici/lib/mock/snapshot-utils.js +0 -158
  190. package/node_modules/undici/lib/util/cache.js +0 -414
  191. package/node_modules/undici/lib/util/date.js +0 -653
  192. package/node_modules/undici/lib/util/promise.js +0 -28
  193. package/node_modules/undici/lib/util/runtime-features.js +0 -124
  194. package/node_modules/undici/lib/util/stats.js +0 -32
  195. package/node_modules/undici/lib/util/timers.js +0 -425
  196. package/node_modules/undici/lib/web/cache/cache.js +0 -864
  197. package/node_modules/undici/lib/web/cache/cachestorage.js +0 -152
  198. package/node_modules/undici/lib/web/cache/util.js +0 -45
  199. package/node_modules/undici/lib/web/cookies/constants.js +0 -12
  200. package/node_modules/undici/lib/web/cookies/index.js +0 -199
  201. package/node_modules/undici/lib/web/cookies/parse.js +0 -314
  202. package/node_modules/undici/lib/web/cookies/util.js +0 -282
  203. package/node_modules/undici/lib/web/eventsource/eventsource-stream.js +0 -399
  204. package/node_modules/undici/lib/web/eventsource/eventsource.js +0 -501
  205. package/node_modules/undici/lib/web/eventsource/util.js +0 -29
  206. package/node_modules/undici/lib/web/fetch/LICENSE +0 -21
  207. package/node_modules/undici/lib/web/fetch/body.js +0 -509
  208. package/node_modules/undici/lib/web/fetch/constants.js +0 -131
  209. package/node_modules/undici/lib/web/fetch/data-url.js +0 -596
  210. package/node_modules/undici/lib/web/fetch/formdata-parser.js +0 -586
  211. package/node_modules/undici/lib/web/fetch/formdata.js +0 -259
  212. package/node_modules/undici/lib/web/fetch/global.js +0 -40
  213. package/node_modules/undici/lib/web/fetch/headers.js +0 -719
  214. package/node_modules/undici/lib/web/fetch/index.js +0 -2413
  215. package/node_modules/undici/lib/web/fetch/request.js +0 -1115
  216. package/node_modules/undici/lib/web/fetch/response.js +0 -641
  217. package/node_modules/undici/lib/web/fetch/util.js +0 -1522
  218. package/node_modules/undici/lib/web/infra/index.js +0 -229
  219. package/node_modules/undici/lib/web/subresource-integrity/Readme.md +0 -9
  220. package/node_modules/undici/lib/web/subresource-integrity/subresource-integrity.js +0 -307
  221. package/node_modules/undici/lib/web/webidl/index.js +0 -1006
  222. package/node_modules/undici/lib/web/websocket/connection.js +0 -329
  223. package/node_modules/undici/lib/web/websocket/constants.js +0 -126
  224. package/node_modules/undici/lib/web/websocket/events.js +0 -331
  225. package/node_modules/undici/lib/web/websocket/frame.js +0 -133
  226. package/node_modules/undici/lib/web/websocket/permessage-deflate.js +0 -100
  227. package/node_modules/undici/lib/web/websocket/receiver.js +0 -507
  228. package/node_modules/undici/lib/web/websocket/sender.js +0 -109
  229. package/node_modules/undici/lib/web/websocket/stream/websocketerror.js +0 -104
  230. package/node_modules/undici/lib/web/websocket/stream/websocketstream.js +0 -498
  231. package/node_modules/undici/lib/web/websocket/util.js +0 -347
  232. package/node_modules/undici/lib/web/websocket/websocket.js +0 -758
  233. package/node_modules/undici/package.json +0 -152
  234. package/node_modules/undici/scripts/strip-comments.js +0 -10
  235. package/node_modules/undici/types/README.md +0 -6
  236. package/node_modules/undici/types/agent.d.ts +0 -32
  237. package/node_modules/undici/types/api.d.ts +0 -43
  238. package/node_modules/undici/types/balanced-pool.d.ts +0 -30
  239. package/node_modules/undici/types/cache-interceptor.d.ts +0 -179
  240. package/node_modules/undici/types/cache.d.ts +0 -36
  241. package/node_modules/undici/types/client-stats.d.ts +0 -15
  242. package/node_modules/undici/types/client.d.ts +0 -139
  243. package/node_modules/undici/types/connector.d.ts +0 -36
  244. package/node_modules/undici/types/content-type.d.ts +0 -21
  245. package/node_modules/undici/types/cookies.d.ts +0 -30
  246. package/node_modules/undici/types/diagnostics-channel.d.ts +0 -74
  247. package/node_modules/undici/types/dispatcher.d.ts +0 -275
  248. package/node_modules/undici/types/env-http-proxy-agent.d.ts +0 -22
  249. package/node_modules/undici/types/errors.d.ts +0 -177
  250. package/node_modules/undici/types/eventsource.d.ts +0 -66
  251. package/node_modules/undici/types/fetch.d.ts +0 -231
  252. package/node_modules/undici/types/formdata.d.ts +0 -114
  253. package/node_modules/undici/types/global-dispatcher.d.ts +0 -9
  254. package/node_modules/undici/types/global-origin.d.ts +0 -7
  255. package/node_modules/undici/types/h2c-client.d.ts +0 -73
  256. package/node_modules/undici/types/handlers.d.ts +0 -14
  257. package/node_modules/undici/types/header.d.ts +0 -160
  258. package/node_modules/undici/types/index.d.ts +0 -91
  259. package/node_modules/undici/types/interceptors.d.ts +0 -80
  260. package/node_modules/undici/types/mock-agent.d.ts +0 -68
  261. package/node_modules/undici/types/mock-call-history.d.ts +0 -111
  262. package/node_modules/undici/types/mock-client.d.ts +0 -27
  263. package/node_modules/undici/types/mock-errors.d.ts +0 -12
  264. package/node_modules/undici/types/mock-interceptor.d.ts +0 -94
  265. package/node_modules/undici/types/mock-pool.d.ts +0 -27
  266. package/node_modules/undici/types/patch.d.ts +0 -29
  267. package/node_modules/undici/types/pool-stats.d.ts +0 -19
  268. package/node_modules/undici/types/pool.d.ts +0 -41
  269. package/node_modules/undici/types/proxy-agent.d.ts +0 -29
  270. package/node_modules/undici/types/readable.d.ts +0 -68
  271. package/node_modules/undici/types/retry-agent.d.ts +0 -8
  272. package/node_modules/undici/types/retry-handler.d.ts +0 -125
  273. package/node_modules/undici/types/round-robin-pool.d.ts +0 -41
  274. package/node_modules/undici/types/snapshot-agent.d.ts +0 -109
  275. package/node_modules/undici/types/socks5-proxy-agent.d.ts +0 -25
  276. package/node_modules/undici/types/util.d.ts +0 -18
  277. package/node_modules/undici/types/utility.d.ts +0 -7
  278. package/node_modules/undici/types/webidl.d.ts +0 -347
  279. package/node_modules/undici/types/websocket.d.ts +0 -188
@@ -1,314 +0,0 @@
1
- 'use strict'
2
-
3
- const { collectASequenceOfCodePointsFast } = require('../infra')
4
- const { maxNameValuePairSize, maxAttributeValueSize } = require('./constants')
5
- const { isCTLExcludingHtab } = require('./util')
6
- const assert = require('node:assert')
7
-
8
- /**
9
- * @description Parses the field-value attributes of a set-cookie header string.
10
- * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4
11
- * @param {string} header
12
- * @returns {import('./index').Cookie|null} if the header is invalid, null will be returned
13
- */
14
- function parseSetCookie (header) {
15
- // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F
16
- // character (CTL characters excluding HTAB): Abort these steps and
17
- // ignore the set-cookie-string entirely.
18
- if (isCTLExcludingHtab(header)) {
19
- return null
20
- }
21
-
22
- let nameValuePair = ''
23
- let unparsedAttributes = ''
24
- let name = ''
25
- let value = ''
26
-
27
- // 2. If the set-cookie-string contains a %x3B (";") character:
28
- if (header.includes(';')) {
29
- // 1. The name-value-pair string consists of the characters up to,
30
- // but not including, the first %x3B (";"), and the unparsed-
31
- // attributes consist of the remainder of the set-cookie-string
32
- // (including the %x3B (";") in question).
33
- const position = { position: 0 }
34
-
35
- nameValuePair = collectASequenceOfCodePointsFast(';', header, position)
36
- unparsedAttributes = header.slice(position.position)
37
- } else {
38
- // Otherwise:
39
-
40
- // 1. The name-value-pair string consists of all the characters
41
- // contained in the set-cookie-string, and the unparsed-
42
- // attributes is the empty string.
43
- nameValuePair = header
44
- }
45
-
46
- // 3. If the name-value-pair string lacks a %x3D ("=") character, then
47
- // the name string is empty, and the value string is the value of
48
- // name-value-pair.
49
- if (!nameValuePair.includes('=')) {
50
- value = nameValuePair
51
- } else {
52
- // Otherwise, the name string consists of the characters up to, but
53
- // not including, the first %x3D ("=") character, and the (possibly
54
- // empty) value string consists of the characters after the first
55
- // %x3D ("=") character.
56
- const position = { position: 0 }
57
- name = collectASequenceOfCodePointsFast(
58
- '=',
59
- nameValuePair,
60
- position
61
- )
62
- value = nameValuePair.slice(position.position + 1)
63
- }
64
-
65
- // 4. Remove any leading or trailing WSP characters from the name
66
- // string and the value string.
67
- name = name.trim()
68
- value = value.trim()
69
-
70
- // 5. If the sum of the lengths of the name string and the value string
71
- // is more than 4096 octets, abort these steps and ignore the set-
72
- // cookie-string entirely.
73
- if (name.length + value.length > maxNameValuePairSize) {
74
- return null
75
- }
76
-
77
- // 6. The cookie-name is the name string, and the cookie-value is the
78
- // value string.
79
- // https://datatracker.ietf.org/doc/html/rfc6265
80
- // To maximize compatibility with user agents, servers that wish to
81
- // store arbitrary data in a cookie-value SHOULD encode that data, for
82
- // example, using Base64 [RFC4648].
83
- return {
84
- name, value, ...parseUnparsedAttributes(unparsedAttributes)
85
- }
86
- }
87
-
88
- /**
89
- * Parses the remaining attributes of a set-cookie header
90
- * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4
91
- * @param {string} unparsedAttributes
92
- * @param {Object.<string, unknown>} [cookieAttributeList={}]
93
- */
94
- function parseUnparsedAttributes (unparsedAttributes, cookieAttributeList = {}) {
95
- // 1. If the unparsed-attributes string is empty, skip the rest of
96
- // these steps.
97
- if (unparsedAttributes.length === 0) {
98
- return cookieAttributeList
99
- }
100
-
101
- // 2. Discard the first character of the unparsed-attributes (which
102
- // will be a %x3B (";") character).
103
- assert(unparsedAttributes[0] === ';')
104
- unparsedAttributes = unparsedAttributes.slice(1)
105
-
106
- let cookieAv = ''
107
-
108
- // 3. If the remaining unparsed-attributes contains a %x3B (";")
109
- // character:
110
- if (unparsedAttributes.includes(';')) {
111
- // 1. Consume the characters of the unparsed-attributes up to, but
112
- // not including, the first %x3B (";") character.
113
- cookieAv = collectASequenceOfCodePointsFast(
114
- ';',
115
- unparsedAttributes,
116
- { position: 0 }
117
- )
118
- unparsedAttributes = unparsedAttributes.slice(cookieAv.length)
119
- } else {
120
- // Otherwise:
121
-
122
- // 1. Consume the remainder of the unparsed-attributes.
123
- cookieAv = unparsedAttributes
124
- unparsedAttributes = ''
125
- }
126
-
127
- // Let the cookie-av string be the characters consumed in this step.
128
-
129
- let attributeName = ''
130
- let attributeValue = ''
131
-
132
- // 4. If the cookie-av string contains a %x3D ("=") character:
133
- if (cookieAv.includes('=')) {
134
- // 1. The (possibly empty) attribute-name string consists of the
135
- // characters up to, but not including, the first %x3D ("=")
136
- // character, and the (possibly empty) attribute-value string
137
- // consists of the characters after the first %x3D ("=")
138
- // character.
139
- const position = { position: 0 }
140
-
141
- attributeName = collectASequenceOfCodePointsFast(
142
- '=',
143
- cookieAv,
144
- position
145
- )
146
- attributeValue = cookieAv.slice(position.position + 1)
147
- } else {
148
- // Otherwise:
149
-
150
- // 1. The attribute-name string consists of the entire cookie-av
151
- // string, and the attribute-value string is empty.
152
- attributeName = cookieAv
153
- }
154
-
155
- // 5. Remove any leading or trailing WSP characters from the attribute-
156
- // name string and the attribute-value string.
157
- attributeName = attributeName.trim()
158
- attributeValue = attributeValue.trim()
159
-
160
- // 6. If the attribute-value is longer than 1024 octets, ignore the
161
- // cookie-av string and return to Step 1 of this algorithm.
162
- if (attributeValue.length > maxAttributeValueSize) {
163
- return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
164
- }
165
-
166
- // 7. Process the attribute-name and attribute-value according to the
167
- // requirements in the following subsections. (Notice that
168
- // attributes with unrecognized attribute-names are ignored.)
169
- const attributeNameLowercase = attributeName.toLowerCase()
170
-
171
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.1
172
- // If the attribute-name case-insensitively matches the string
173
- // "Expires", the user agent MUST process the cookie-av as follows.
174
- if (attributeNameLowercase === 'expires') {
175
- // 1. Let the expiry-time be the result of parsing the attribute-value
176
- // as cookie-date (see Section 5.1.1).
177
- const expiryTime = new Date(attributeValue)
178
-
179
- // 2. If the attribute-value failed to parse as a cookie date, ignore
180
- // the cookie-av.
181
-
182
- cookieAttributeList.expires = expiryTime
183
- } else if (attributeNameLowercase === 'max-age') {
184
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.2
185
- // If the attribute-name case-insensitively matches the string "Max-
186
- // Age", the user agent MUST process the cookie-av as follows.
187
-
188
- // 1. If the first character of the attribute-value is not a DIGIT or a
189
- // "-" character, ignore the cookie-av.
190
- const charCode = attributeValue.charCodeAt(0)
191
-
192
- if ((charCode < 48 || charCode > 57) && attributeValue[0] !== '-') {
193
- return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
194
- }
195
-
196
- // 2. If the remainder of attribute-value contains a non-DIGIT
197
- // character, ignore the cookie-av.
198
- if (!/^\d+$/.test(attributeValue)) {
199
- return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
200
- }
201
-
202
- // 3. Let delta-seconds be the attribute-value converted to an integer.
203
- const deltaSeconds = Number(attributeValue)
204
-
205
- // 4. Let cookie-age-limit be the maximum age of the cookie (which
206
- // SHOULD be 400 days or less, see Section 4.1.2.2).
207
-
208
- // 5. Set delta-seconds to the smaller of its present value and cookie-
209
- // age-limit.
210
- // deltaSeconds = Math.min(deltaSeconds * 1000, maxExpiresMs)
211
-
212
- // 6. If delta-seconds is less than or equal to zero (0), let expiry-
213
- // time be the earliest representable date and time. Otherwise, let
214
- // the expiry-time be the current date and time plus delta-seconds
215
- // seconds.
216
- // const expiryTime = deltaSeconds <= 0 ? Date.now() : Date.now() + deltaSeconds
217
-
218
- // 7. Append an attribute to the cookie-attribute-list with an
219
- // attribute-name of Max-Age and an attribute-value of expiry-time.
220
- cookieAttributeList.maxAge = deltaSeconds
221
- } else if (attributeNameLowercase === 'domain') {
222
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.3
223
- // If the attribute-name case-insensitively matches the string "Domain",
224
- // the user agent MUST process the cookie-av as follows.
225
-
226
- // 1. Let cookie-domain be the attribute-value.
227
- let cookieDomain = attributeValue
228
-
229
- // 2. If cookie-domain starts with %x2E ("."), let cookie-domain be
230
- // cookie-domain without its leading %x2E (".").
231
- if (cookieDomain[0] === '.') {
232
- cookieDomain = cookieDomain.slice(1)
233
- }
234
-
235
- // 3. Convert the cookie-domain to lower case.
236
- cookieDomain = cookieDomain.toLowerCase()
237
-
238
- // 4. Append an attribute to the cookie-attribute-list with an
239
- // attribute-name of Domain and an attribute-value of cookie-domain.
240
- cookieAttributeList.domain = cookieDomain
241
- } else if (attributeNameLowercase === 'path') {
242
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.4
243
- // If the attribute-name case-insensitively matches the string "Path",
244
- // the user agent MUST process the cookie-av as follows.
245
-
246
- // 1. If the attribute-value is empty or if the first character of the
247
- // attribute-value is not %x2F ("/"):
248
- let cookiePath = ''
249
- if (attributeValue.length === 0 || attributeValue[0] !== '/') {
250
- // 1. Let cookie-path be the default-path.
251
- cookiePath = '/'
252
- } else {
253
- // Otherwise:
254
-
255
- // 1. Let cookie-path be the attribute-value.
256
- cookiePath = attributeValue
257
- }
258
-
259
- // 2. Append an attribute to the cookie-attribute-list with an
260
- // attribute-name of Path and an attribute-value of cookie-path.
261
- cookieAttributeList.path = cookiePath
262
- } else if (attributeNameLowercase === 'secure') {
263
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.5
264
- // If the attribute-name case-insensitively matches the string "Secure",
265
- // the user agent MUST append an attribute to the cookie-attribute-list
266
- // with an attribute-name of Secure and an empty attribute-value.
267
-
268
- cookieAttributeList.secure = true
269
- } else if (attributeNameLowercase === 'httponly') {
270
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.6
271
- // If the attribute-name case-insensitively matches the string
272
- // "HttpOnly", the user agent MUST append an attribute to the cookie-
273
- // attribute-list with an attribute-name of HttpOnly and an empty
274
- // attribute-value.
275
-
276
- cookieAttributeList.httpOnly = true
277
- } else if (attributeNameLowercase === 'samesite') {
278
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4.7
279
- // If the attribute-name case-insensitively matches the string
280
- // "SameSite", the user agent MUST process the cookie-av as follows:
281
-
282
- const attributeValueLowercase = attributeValue.toLowerCase()
283
-
284
- // 1. If cookie-av's attribute-value is a case-insensitive match for
285
- // "None", append an attribute to the cookie-attribute-list with an
286
- // attribute-name of "SameSite" and an attribute-value of "None".
287
- if (attributeValueLowercase === 'none') {
288
- cookieAttributeList.sameSite = 'None'
289
- } else if (attributeValueLowercase === 'strict') {
290
- // 2. If cookie-av's attribute-value is a case-insensitive match for
291
- // "Strict", append an attribute to the cookie-attribute-list with
292
- // an attribute-name of "SameSite" and an attribute-value of
293
- // "Strict".
294
- cookieAttributeList.sameSite = 'Strict'
295
- } else if (attributeValueLowercase === 'lax') {
296
- // 3. If cookie-av's attribute-value is a case-insensitive match for
297
- // "Lax", append an attribute to the cookie-attribute-list with an
298
- // attribute-name of "SameSite" and an attribute-value of "Lax".
299
- cookieAttributeList.sameSite = 'Lax'
300
- }
301
- } else {
302
- cookieAttributeList.unparsed ??= []
303
-
304
- cookieAttributeList.unparsed.push(`${attributeName}=${attributeValue}`)
305
- }
306
-
307
- // 8. Return to Step 1 of this algorithm.
308
- return parseUnparsedAttributes(unparsedAttributes, cookieAttributeList)
309
- }
310
-
311
- module.exports = {
312
- parseSetCookie,
313
- parseUnparsedAttributes
314
- }
@@ -1,282 +0,0 @@
1
- 'use strict'
2
-
3
- /**
4
- * @param {string} value
5
- * @returns {boolean}
6
- */
7
- function isCTLExcludingHtab (value) {
8
- for (let i = 0; i < value.length; ++i) {
9
- const code = value.charCodeAt(i)
10
-
11
- if (
12
- (code >= 0x00 && code <= 0x08) ||
13
- (code >= 0x0A && code <= 0x1F) ||
14
- code === 0x7F
15
- ) {
16
- return true
17
- }
18
- }
19
- return false
20
- }
21
-
22
- /**
23
- CHAR = <any US-ASCII character (octets 0 - 127)>
24
- token = 1*<any CHAR except CTLs or separators>
25
- separators = "(" | ")" | "<" | ">" | "@"
26
- | "," | ";" | ":" | "\" | <">
27
- | "/" | "[" | "]" | "?" | "="
28
- | "{" | "}" | SP | HT
29
- * @param {string} name
30
- */
31
- function validateCookieName (name) {
32
- for (let i = 0; i < name.length; ++i) {
33
- const code = name.charCodeAt(i)
34
-
35
- if (
36
- code < 0x21 || // exclude CTLs (0-31), SP and HT
37
- code > 0x7E || // exclude non-ascii and DEL
38
- code === 0x22 || // "
39
- code === 0x28 || // (
40
- code === 0x29 || // )
41
- code === 0x3C || // <
42
- code === 0x3E || // >
43
- code === 0x40 || // @
44
- code === 0x2C || // ,
45
- code === 0x3B || // ;
46
- code === 0x3A || // :
47
- code === 0x5C || // \
48
- code === 0x2F || // /
49
- code === 0x5B || // [
50
- code === 0x5D || // ]
51
- code === 0x3F || // ?
52
- code === 0x3D || // =
53
- code === 0x7B || // {
54
- code === 0x7D // }
55
- ) {
56
- throw new Error('Invalid cookie name')
57
- }
58
- }
59
- }
60
-
61
- /**
62
- cookie-value = *cookie-octet / ( DQUOTE *cookie-octet DQUOTE )
63
- cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
64
- ; US-ASCII characters excluding CTLs,
65
- ; whitespace DQUOTE, comma, semicolon,
66
- ; and backslash
67
- * @param {string} value
68
- */
69
- function validateCookieValue (value) {
70
- let len = value.length
71
- let i = 0
72
-
73
- // if the value is wrapped in DQUOTE
74
- if (value[0] === '"') {
75
- if (len === 1 || value[len - 1] !== '"') {
76
- throw new Error('Invalid cookie value')
77
- }
78
- --len
79
- ++i
80
- }
81
-
82
- while (i < len) {
83
- const code = value.charCodeAt(i++)
84
-
85
- if (
86
- code < 0x21 || // exclude CTLs (0-31)
87
- code > 0x7E || // non-ascii and DEL (127)
88
- code === 0x22 || // "
89
- code === 0x2C || // ,
90
- code === 0x3B || // ;
91
- code === 0x5C // \
92
- ) {
93
- throw new Error('Invalid cookie value')
94
- }
95
- }
96
- }
97
-
98
- /**
99
- * path-value = <any CHAR except CTLs or ";">
100
- * @param {string} path
101
- */
102
- function validateCookiePath (path) {
103
- for (let i = 0; i < path.length; ++i) {
104
- const code = path.charCodeAt(i)
105
-
106
- if (
107
- code < 0x20 || // exclude CTLs (0-31)
108
- code === 0x7F || // DEL
109
- code === 0x3B // ;
110
- ) {
111
- throw new Error('Invalid cookie path')
112
- }
113
- }
114
- }
115
-
116
- /**
117
- * I have no idea why these values aren't allowed to be honest,
118
- * but Deno tests these. - Khafra
119
- * @param {string} domain
120
- */
121
- function validateCookieDomain (domain) {
122
- if (
123
- domain.startsWith('-') ||
124
- domain.endsWith('.') ||
125
- domain.endsWith('-')
126
- ) {
127
- throw new Error('Invalid cookie domain')
128
- }
129
- }
130
-
131
- const IMFDays = [
132
- 'Sun', 'Mon', 'Tue', 'Wed',
133
- 'Thu', 'Fri', 'Sat'
134
- ]
135
-
136
- const IMFMonths = [
137
- 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
138
- 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'
139
- ]
140
-
141
- const IMFPaddedNumbers = Array(61).fill(0).map((_, i) => i.toString().padStart(2, '0'))
142
-
143
- /**
144
- * @see https://www.rfc-editor.org/rfc/rfc7231#section-7.1.1.1
145
- * @param {number|Date} date
146
- IMF-fixdate = day-name "," SP date1 SP time-of-day SP GMT
147
- ; fixed length/zone/capitalization subset of the format
148
- ; see Section 3.3 of [RFC5322]
149
-
150
- day-name = %x4D.6F.6E ; "Mon", case-sensitive
151
- / %x54.75.65 ; "Tue", case-sensitive
152
- / %x57.65.64 ; "Wed", case-sensitive
153
- / %x54.68.75 ; "Thu", case-sensitive
154
- / %x46.72.69 ; "Fri", case-sensitive
155
- / %x53.61.74 ; "Sat", case-sensitive
156
- / %x53.75.6E ; "Sun", case-sensitive
157
- date1 = day SP month SP year
158
- ; e.g., 02 Jun 1982
159
-
160
- day = 2DIGIT
161
- month = %x4A.61.6E ; "Jan", case-sensitive
162
- / %x46.65.62 ; "Feb", case-sensitive
163
- / %x4D.61.72 ; "Mar", case-sensitive
164
- / %x41.70.72 ; "Apr", case-sensitive
165
- / %x4D.61.79 ; "May", case-sensitive
166
- / %x4A.75.6E ; "Jun", case-sensitive
167
- / %x4A.75.6C ; "Jul", case-sensitive
168
- / %x41.75.67 ; "Aug", case-sensitive
169
- / %x53.65.70 ; "Sep", case-sensitive
170
- / %x4F.63.74 ; "Oct", case-sensitive
171
- / %x4E.6F.76 ; "Nov", case-sensitive
172
- / %x44.65.63 ; "Dec", case-sensitive
173
- year = 4DIGIT
174
-
175
- GMT = %x47.4D.54 ; "GMT", case-sensitive
176
-
177
- time-of-day = hour ":" minute ":" second
178
- ; 00:00:00 - 23:59:60 (leap second)
179
-
180
- hour = 2DIGIT
181
- minute = 2DIGIT
182
- second = 2DIGIT
183
- */
184
- function toIMFDate (date) {
185
- if (typeof date === 'number') {
186
- date = new Date(date)
187
- }
188
-
189
- return `${IMFDays[date.getUTCDay()]}, ${IMFPaddedNumbers[date.getUTCDate()]} ${IMFMonths[date.getUTCMonth()]} ${date.getUTCFullYear()} ${IMFPaddedNumbers[date.getUTCHours()]}:${IMFPaddedNumbers[date.getUTCMinutes()]}:${IMFPaddedNumbers[date.getUTCSeconds()]} GMT`
190
- }
191
-
192
- /**
193
- max-age-av = "Max-Age=" non-zero-digit *DIGIT
194
- ; In practice, both expires-av and max-age-av
195
- ; are limited to dates representable by the
196
- ; user agent.
197
- * @param {number} maxAge
198
- */
199
- function validateCookieMaxAge (maxAge) {
200
- if (maxAge < 0) {
201
- throw new Error('Invalid cookie max-age')
202
- }
203
- }
204
-
205
- /**
206
- * @see https://www.rfc-editor.org/rfc/rfc6265#section-4.1.1
207
- * @param {import('./index').Cookie} cookie
208
- */
209
- function stringify (cookie) {
210
- if (cookie.name.length === 0) {
211
- return null
212
- }
213
-
214
- validateCookieName(cookie.name)
215
- validateCookieValue(cookie.value)
216
-
217
- const out = [`${cookie.name}=${cookie.value}`]
218
-
219
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1
220
- // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2
221
- if (cookie.name.startsWith('__Secure-')) {
222
- cookie.secure = true
223
- }
224
-
225
- if (cookie.name.startsWith('__Host-')) {
226
- cookie.secure = true
227
- cookie.domain = null
228
- cookie.path = '/'
229
- }
230
-
231
- if (cookie.secure) {
232
- out.push('Secure')
233
- }
234
-
235
- if (cookie.httpOnly) {
236
- out.push('HttpOnly')
237
- }
238
-
239
- if (typeof cookie.maxAge === 'number') {
240
- validateCookieMaxAge(cookie.maxAge)
241
- out.push(`Max-Age=${cookie.maxAge}`)
242
- }
243
-
244
- if (cookie.domain) {
245
- validateCookieDomain(cookie.domain)
246
- out.push(`Domain=${cookie.domain}`)
247
- }
248
-
249
- if (cookie.path) {
250
- validateCookiePath(cookie.path)
251
- out.push(`Path=${cookie.path}`)
252
- }
253
-
254
- if (cookie.expires && cookie.expires.toString() !== 'Invalid Date') {
255
- out.push(`Expires=${toIMFDate(cookie.expires)}`)
256
- }
257
-
258
- if (cookie.sameSite) {
259
- out.push(`SameSite=${cookie.sameSite}`)
260
- }
261
-
262
- for (const part of cookie.unparsed) {
263
- if (!part.includes('=')) {
264
- throw new Error('Invalid unparsed')
265
- }
266
-
267
- const [key, ...value] = part.split('=')
268
-
269
- out.push(`${key.trim()}=${value.join('=')}`)
270
- }
271
-
272
- return out.join('; ')
273
- }
274
-
275
- module.exports = {
276
- isCTLExcludingHtab,
277
- validateCookieName,
278
- validateCookiePath,
279
- validateCookieValue,
280
- toIMFDate,
281
- stringify
282
- }