| 1 |
|
|---|
| 2 | // Simple cookie handling implementation based on the standard RFC 6265.
|
|---|
| 3 | //
|
|---|
| 4 | // This module just has two functionalities:
|
|---|
| 5 | // - Parse a set-cookie-header as a key value object
|
|---|
| 6 | // - Write a cookie-string from a key value object
|
|---|
| 7 | //
|
|---|
| 8 | // All cookie attributes are ignored.
|
|---|
| 9 |
|
|---|
| 10 | var unescape = require('querystring').unescape;
|
|---|
| 11 |
|
|---|
| 12 | var COOKIE_PAIR = /^([^=\s]+)\s*=\s*("?)\s*(.*)\s*\2\s*$/;
|
|---|
| 13 | var EXCLUDED_CHARS = /[\x00-\x1F\x7F\x3B\x3B\s\"\,\\"%]/g;
|
|---|
| 14 | var TRAILING_SEMICOLON = /\x3B+$/;
|
|---|
| 15 | var SEP_SEMICOLON = /\s*\x3B\s*/;
|
|---|
| 16 |
|
|---|
| 17 | // i know these should be 'const', but I'd like to keep
|
|---|
| 18 | // supporting earlier node.js versions as long as I can. :)
|
|---|
| 19 |
|
|---|
| 20 | var KEY_INDEX = 1; // index of key from COOKIE_PAIR match
|
|---|
| 21 | var VALUE_INDEX = 3; // index of value from COOKIE_PAIR match
|
|---|
| 22 |
|
|---|
| 23 | // Returns a copy str trimmed and without trainling semicolon.
|
|---|
| 24 | function cleanCookieString(str) {
|
|---|
| 25 | return str.trim().replace(/\x3B+$/, '');
|
|---|
| 26 | }
|
|---|
| 27 |
|
|---|
| 28 | function getFirstPair(str) {
|
|---|
| 29 | var index = str.indexOf('\x3B');
|
|---|
| 30 | return index === -1 ? str : str.substr(0, index);
|
|---|
| 31 | }
|
|---|
| 32 |
|
|---|
| 33 | // Returns a encoded copy of str based on RFC6265 S4.1.1.
|
|---|
| 34 | function encodeCookieComponent(str) {
|
|---|
| 35 | return str.toString().replace(EXCLUDED_CHARS, encodeURIComponent);
|
|---|
| 36 | }
|
|---|
| 37 |
|
|---|
| 38 | // Parses a set-cookie-string based on the standard defined in RFC6265 S4.1.1.
|
|---|
| 39 | function parseSetCookieString(str) {
|
|---|
| 40 | str = cleanCookieString(str);
|
|---|
| 41 | str = getFirstPair(str);
|
|---|
| 42 |
|
|---|
| 43 | var res = COOKIE_PAIR.exec(str);
|
|---|
| 44 | if (!res || !res[VALUE_INDEX]) return null;
|
|---|
| 45 |
|
|---|
| 46 | return {
|
|---|
| 47 | name : unescape(res[KEY_INDEX]),
|
|---|
| 48 | value : unescape(res[VALUE_INDEX])
|
|---|
| 49 | };
|
|---|
| 50 | }
|
|---|
| 51 |
|
|---|
| 52 | // Parses a set-cookie-header and returns a key/value object.
|
|---|
| 53 | // Each key represents the name of a cookie.
|
|---|
| 54 | function parseSetCookieHeader(header) {
|
|---|
| 55 | if (!header) return {};
|
|---|
| 56 | header = Array.isArray(header) ? header : [header];
|
|---|
| 57 |
|
|---|
| 58 | return header.reduce(function(res, str) {
|
|---|
| 59 | var cookie = parseSetCookieString(str);
|
|---|
| 60 | if (cookie) res[cookie.name] = cookie.value;
|
|---|
| 61 | return res;
|
|---|
| 62 | }, {});
|
|---|
| 63 | }
|
|---|
| 64 |
|
|---|
| 65 | // Writes a set-cookie-string based on the standard definded in RFC6265 S4.1.1.
|
|---|
| 66 | function writeCookieString(obj) {
|
|---|
| 67 | return Object.keys(obj).reduce(function(str, name) {
|
|---|
| 68 | var encodedName = encodeCookieComponent(name);
|
|---|
| 69 | var encodedValue = encodeCookieComponent(obj[name]);
|
|---|
| 70 | str += (str ? '; ' : '') + encodedName + '=' + encodedValue;
|
|---|
| 71 | return str;
|
|---|
| 72 | }, '');
|
|---|
| 73 | }
|
|---|
| 74 |
|
|---|
| 75 | // returns a key/val object from an array of cookie strings
|
|---|
| 76 | exports.read = parseSetCookieHeader;
|
|---|
| 77 |
|
|---|
| 78 | // writes a cookie string header
|
|---|
| 79 | exports.write = writeCookieString;
|
|---|
