Context Navigation

← Previous Revision
Next Revision →
Normal
Revision Log

source: node_modules/undici/lib/cookies/util.js

main

Last change on this file was d24f17c, checked in by Aleksandar Panovski <apano77@…>, 15 months ago
Initial commit
Property mode set to `100644`
File size: 7.2 KB

Rev	Line
[d24f17c]	1	'use strict'
	2
	3	const assert = require('assert')
	4	const { kHeadersList } = require('../core/symbols')
	5
	6	function isCTLExcludingHtab (value) {
	7	if (value.length === 0) {
	8	return false
	9	}
	10
	11	for (const char of value) {
	12	const code = char.charCodeAt(0)
	13
	14	if (
	15	(code >= 0x00 \|\| code <= 0x08) \|\|
	16	(code >= 0x0A \|\| code <= 0x1F) \|\|
	17	code === 0x7F
	18	) {
	19	return false
	20	}
	21	}
	22	}
	23
	24	/**
	25	CHAR = <any US-ASCII character (octets 0 - 127)>
	26	token = 1*<any CHAR except CTLs or separators>
	27	separators = "(" \| ")" \| "<" \| ">" \| "@"
	28	\| "," \| ";" \| ":" \| "\" \| <">
	29	\| "/" \| "[" \| "]" \| "?" \| "="
	30	\| "{" \| "}" \| SP \| HT
	31	* @param {string} name
	32	*/
	33	function validateCookieName (name) {
	34	for (const char of name) {
	35	const code = char.charCodeAt(0)
	36
	37	if (
	38	(code <= 0x20 \|\| code > 0x7F) \|\|
	39	char === '(' \|\|
	40	char === ')' \|\|
	41	char === '>' \|\|
	42	char === '<' \|\|
	43	char === '@' \|\|
	44	char === ',' \|\|
	45	char === ';' \|\|
	46	char === ':' \|\|
	47	char === '\\' \|\|
	48	char === '"' \|\|
	49	char === '/' \|\|
	50	char === '[' \|\|
	51	char === ']' \|\|
	52	char === '?' \|\|
	53	char === '=' \|\|
	54	char === '{' \|\|
	55	char === '}'
	56	) {
	57	throw new Error('Invalid cookie name')
	58	}
	59	}
	60	}
	61
	62	/**
	63	cookie-value = cookie-octet / ( DQUOTE cookie-octet DQUOTE )
	64	cookie-octet = %x21 / %x23-2B / %x2D-3A / %x3C-5B / %x5D-7E
	65	; US-ASCII characters excluding CTLs,
	66	; whitespace DQUOTE, comma, semicolon,
	67	; and backslash
	68	* @param {string} value
	69	*/
	70	function validateCookieValue (value) {
	71	for (const char of value) {
	72	const code = char.charCodeAt(0)
	73
	74	if (
	75	code < 0x21 \|\| // exclude CTLs (0-31)
	76	code === 0x22 \|\|
	77	code === 0x2C \|\|
	78	code === 0x3B \|\|
	79	code === 0x5C \|\|
	80	code > 0x7E // non-ascii
	81	) {
	82	throw new Error('Invalid header value')
	83	}
	84	}
	85	}
	86
	87	/**
	88	* path-value = <any CHAR except CTLs or ";">
	89	* @param {string} path
	90	*/
	91	function validateCookiePath (path) {
	92	for (const char of path) {
	93	const code = char.charCodeAt(0)
	94
	95	if (code < 0x21 \|\| char === ';') {
	96	throw new Error('Invalid cookie path')
	97	}
	98	}
	99	}
	100
	101	/**
	102	* I have no idea why these values aren't allowed to be honest,
	103	* but Deno tests these. - Khafra
	104	* @param {string} domain
	105	*/
	106	function validateCookieDomain (domain) {
	107	if (
	108	domain.startsWith('-') \|\|
	109	domain.endsWith('.') \|\|
	110	domain.endsWith('-')
	111	) {
	112	throw new Error('Invalid cookie domain')
	113	}
	114	}
	115
	116	/**
	117	* @see https://www.rfc-editor.org/rfc/rfc7231#section-7.1.1.1
	118	* @param {number\|Date} date
	119	IMF-fixdate = day-name "," SP date1 SP time-of-day SP GMT
	120	; fixed length/zone/capitalization subset of the format
	121	; see Section 3.3 of [RFC5322]
	122
	123	day-name = %x4D.6F.6E ; "Mon", case-sensitive
	124	/ %x54.75.65 ; "Tue", case-sensitive
	125	/ %x57.65.64 ; "Wed", case-sensitive
	126	/ %x54.68.75 ; "Thu", case-sensitive
	127	/ %x46.72.69 ; "Fri", case-sensitive
	128	/ %x53.61.74 ; "Sat", case-sensitive
	129	/ %x53.75.6E ; "Sun", case-sensitive
	130	date1 = day SP month SP year
	131	; e.g., 02 Jun 1982
	132
	133	day = 2DIGIT
	134	month = %x4A.61.6E ; "Jan", case-sensitive
	135	/ %x46.65.62 ; "Feb", case-sensitive
	136	/ %x4D.61.72 ; "Mar", case-sensitive
	137	/ %x41.70.72 ; "Apr", case-sensitive
	138	/ %x4D.61.79 ; "May", case-sensitive
	139	/ %x4A.75.6E ; "Jun", case-sensitive
	140	/ %x4A.75.6C ; "Jul", case-sensitive
	141	/ %x41.75.67 ; "Aug", case-sensitive
	142	/ %x53.65.70 ; "Sep", case-sensitive
	143	/ %x4F.63.74 ; "Oct", case-sensitive
	144	/ %x4E.6F.76 ; "Nov", case-sensitive
	145	/ %x44.65.63 ; "Dec", case-sensitive
	146	year = 4DIGIT
	147
	148	GMT = %x47.4D.54 ; "GMT", case-sensitive
	149
	150	time-of-day = hour ":" minute ":" second
	151	; 00:00:00 - 23:59:60 (leap second)
	152
	153	hour = 2DIGIT
	154	minute = 2DIGIT
	155	second = 2DIGIT
	156	*/
	157	function toIMFDate (date) {
	158	if (typeof date === 'number') {
	159	date = new Date(date)
	160	}
	161
	162	const days = [
	163	'Sun', 'Mon', 'Tue', 'Wed',
	164	'Thu', 'Fri', 'Sat'
	165	]
	166
	167	const months = [
	168	'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun',
	169	'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec'
	170	]
	171
	172	const dayName = days[date.getUTCDay()]
	173	const day = date.getUTCDate().toString().padStart(2, '0')
	174	const month = months[date.getUTCMonth()]
	175	const year = date.getUTCFullYear()
	176	const hour = date.getUTCHours().toString().padStart(2, '0')
	177	const minute = date.getUTCMinutes().toString().padStart(2, '0')
	178	const second = date.getUTCSeconds().toString().padStart(2, '0')
	179
	180	return `${dayName}, ${day} ${month} ${year} ${hour}:${minute}:${second} GMT`
	181	}
	182
	183	/**
	184	max-age-av = "Max-Age=" non-zero-digit *DIGIT
	185	; In practice, both expires-av and max-age-av
	186	; are limited to dates representable by the
	187	; user agent.
	188	* @param {number} maxAge
	189	*/
	190	function validateCookieMaxAge (maxAge) {
	191	if (maxAge < 0) {
	192	throw new Error('Invalid cookie max-age')
	193	}
	194	}
	195
	196	/**
	197	* @see https://www.rfc-editor.org/rfc/rfc6265#section-4.1.1
	198	* @param {import('./index').Cookie} cookie
	199	*/
	200	function stringify (cookie) {
	201	if (cookie.name.length === 0) {
	202	return null
	203	}
	204
	205	validateCookieName(cookie.name)
	206	validateCookieValue(cookie.value)
	207
	208	const out = [`${cookie.name}=${cookie.value}`]
	209
	210	// https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.1
	211	// https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00#section-3.2
	212	if (cookie.name.startsWith('__Secure-')) {
	213	cookie.secure = true
	214	}
	215
	216	if (cookie.name.startsWith('__Host-')) {
	217	cookie.secure = true
	218	cookie.domain = null
	219	cookie.path = '/'
	220	}
	221
	222	if (cookie.secure) {
	223	out.push('Secure')
	224	}
	225
	226	if (cookie.httpOnly) {
	227	out.push('HttpOnly')
	228	}
	229
	230	if (typeof cookie.maxAge === 'number') {
	231	validateCookieMaxAge(cookie.maxAge)
	232	out.push(`Max-Age=${cookie.maxAge}`)
	233	}
	234
	235	if (cookie.domain) {
	236	validateCookieDomain(cookie.domain)
	237	out.push(`Domain=${cookie.domain}`)
	238	}
	239
	240	if (cookie.path) {
	241	validateCookiePath(cookie.path)
	242	out.push(`Path=${cookie.path}`)
	243	}
	244
	245	if (cookie.expires && cookie.expires.toString() !== 'Invalid Date') {
	246	out.push(`Expires=${toIMFDate(cookie.expires)}`)
	247	}
	248
	249	if (cookie.sameSite) {
	250	out.push(`SameSite=${cookie.sameSite}`)
	251	}
	252
	253	for (const part of cookie.unparsed) {
	254	if (!part.includes('=')) {
	255	throw new Error('Invalid unparsed')
	256	}
	257
	258	const [key, ...value] = part.split('=')
	259
	260	out.push(`${key.trim()}=${value.join('=')}`)
	261	}
	262
	263	return out.join('; ')
	264	}
	265
	266	let kHeadersListNode
	267
	268	function getHeadersList (headers) {
	269	if (headers[kHeadersList]) {
	270	return headers[kHeadersList]
	271	}
	272
	273	if (!kHeadersListNode) {
	274	kHeadersListNode = Object.getOwnPropertySymbols(headers).find(
	275	(symbol) => symbol.description === 'headers list'
	276	)
	277
	278	assert(kHeadersListNode, 'Headers cannot be parsed')
	279	}
	280
	281	const headersList = headers[kHeadersListNode]
	282	assert(headersList)
	283
	284	return headersList
	285	}
	286
	287	module.exports = {
	288	isCTLExcludingHtab,
	289	stringify,
	290	getHeadersList
	291	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: