diff options
Diffstat (limited to 'node_modules/cookie-parser')
| -rw-r--r-- | node_modules/cookie-parser/HISTORY.md | 85 | ||||
| -rw-r--r-- | node_modules/cookie-parser/LICENSE | 23 | ||||
| -rw-r--r-- | node_modules/cookie-parser/README.md | 85 | ||||
| -rw-r--r-- | node_modules/cookie-parser/index.js | 181 | ||||
| -rw-r--r-- | node_modules/cookie-parser/package.json | 76 |
5 files changed, 450 insertions, 0 deletions
diff --git a/node_modules/cookie-parser/HISTORY.md b/node_modules/cookie-parser/HISTORY.md new file mode 100644 index 0000000..4f28f50 --- /dev/null +++ b/node_modules/cookie-parser/HISTORY.md @@ -0,0 +1,85 @@ +1.4.3 / 2016-05-26 +================== + + * deps: cookie@0.3.1 + - perf: use for loop in parse + +1.4.2 / 2016-05-20 +================== + + * deps: cookie@0.2.4 + - perf: enable strict mode + - perf: use for loop in parse + - perf: use string concatination for serialization + +1.4.1 / 2016-01-11 +================== + + * deps: cookie@0.2.3 + * perf: enable strict mode + +1.4.0 / 2015-09-18 +================== + + * Accept array of secrets in addition to a single secret + * Fix `JSONCookie` to return `undefined` for non-string arguments + * Fix `signedCookie` to return `undefined` for non-string arguments + * deps: cookie@0.2.2 + +1.3.5 / 2015-05-19 +================== + + * deps: cookie@0.1.3 + - Slight optimizations + +1.3.4 / 2015-02-15 +================== + + * deps: cookie-signature@1.0.6 + +1.3.3 / 2014-09-05 +================== + + * deps: cookie-signature@1.0.5 + +1.3.2 / 2014-06-26 +================== + + * deps: cookie-signature@1.0.4 + - fix for timing attacks + +1.3.1 / 2014-06-17 +================== + + * actually export `signedCookie` + +1.3.0 / 2014-06-17 +================== + + * add `signedCookie` export for single cookie unsigning + +1.2.0 / 2014-06-17 +================== + + * export parsing functions + * `req.cookies` and `req.signedCookies` are now plain objects + * slightly faster parsing of many cookies + +1.1.0 / 2014-05-12 +================== + + * Support for NodeJS version 0.8 + * deps: cookie@0.1.2 + - Fix for maxAge == 0 + - made compat with expires field + - tweak maxAge NaN error message + +1.0.1 / 2014-02-20 +================== + + * add missing dependencies + +1.0.0 / 2014-02-15 +================== + + * Genesis from `connect` diff --git a/node_modules/cookie-parser/LICENSE b/node_modules/cookie-parser/LICENSE new file mode 100644 index 0000000..343f2ad --- /dev/null +++ b/node_modules/cookie-parser/LICENSE @@ -0,0 +1,23 @@ +(The MIT License) + +Copyright (c) 2014 TJ Holowaychuk <tj@vision-media.ca> +Copyright (c) 2015 Douglas Christopher Wilson <doug@somethingdoug.com> + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +'Software'), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/node_modules/cookie-parser/README.md b/node_modules/cookie-parser/README.md new file mode 100644 index 0000000..05dbdc5 --- /dev/null +++ b/node_modules/cookie-parser/README.md @@ -0,0 +1,85 @@ +# cookie-parser + +[![NPM Version][npm-image]][npm-url] +[![NPM Downloads][downloads-image]][downloads-url] +[![Node.js Version][node-version-image]][node-version-url] +[![Build Status][travis-image]][travis-url] +[![Test Coverage][coveralls-image]][coveralls-url] + +Parse `Cookie` header and populate `req.cookies` with an object keyed by the cookie +names. Optionally you may enable signed cookie support by passing a `secret` string, +which assigns `req.secret` so it may be used by other middleware. + +## Installation + +```sh +$ npm install cookie-parser +``` + +## API + +```js +var express = require('express') +var cookieParser = require('cookie-parser') + +var app = express() +app.use(cookieParser()) +``` + +### cookieParser(secret, options) + +- `secret` a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order. +- `options` an object that is passed to `cookie.parse` as the second option. See [cookie](https://www.npmjs.org/package/cookie) for more information. + - `decode` a function to decode the value of the cookie + +### cookieParser.JSONCookie(str) + +Parse a cookie value as a JSON cookie. This will return the parsed JSON value if it was a JSON cookie, otherwise it will return the passed value. + +### cookieParser.JSONCookies(cookies) + +Given an object, this will iterate over the keys and call `JSONCookie` on each value. This will return the same object passed in. + +### cookieParser.signedCookie(str, secret) + +Parse a cookie value as a signed cookie. This will return the parsed unsigned value if it was a signed cookie and the signature was valid, otherwise it will return the passed value. + +The `secret` argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order. + +### cookieParser.signedCookies(cookies, secret) + +Given an object, this will iterate over the keys and check if any value is a signed cookie. If it is a signed cookie and the signature is valid, the key will be deleted from the object and added to the new object that is returned. + +The `secret` argument can be an array or string. If a string is provided, this is used as the secret. If an array is provided, an attempt will be made to unsign the cookie with each secret in order. + +## Example + +```js +var express = require('express') +var cookieParser = require('cookie-parser') + +var app = express() +app.use(cookieParser()) + +app.get('/', function(req, res) { + console.log('Cookies: ', req.cookies) +}) + +app.listen(8080) + +// curl command that sends an HTTP request with two cookies +// curl http://127.0.0.1:8080 --cookie "Cho=Kim;Greet=Hello" +``` + +### [MIT Licensed](LICENSE) + +[npm-image]: https://img.shields.io/npm/v/cookie-parser.svg +[npm-url]: https://npmjs.org/package/cookie-parser +[node-version-image]: https://img.shields.io/node/v/cookie-parser.svg +[node-version-url]: https://nodejs.org/en/download +[travis-image]: https://img.shields.io/travis/expressjs/cookie-parser/master.svg +[travis-url]: https://travis-ci.org/expressjs/cookie-parser +[coveralls-image]: https://img.shields.io/coveralls/expressjs/cookie-parser/master.svg +[coveralls-url]: https://coveralls.io/r/expressjs/cookie-parser?branch=master +[downloads-image]: https://img.shields.io/npm/dm/cookie-parser.svg +[downloads-url]: https://npmjs.org/package/cookie-parser diff --git a/node_modules/cookie-parser/index.js b/node_modules/cookie-parser/index.js new file mode 100644 index 0000000..59816a2 --- /dev/null +++ b/node_modules/cookie-parser/index.js @@ -0,0 +1,181 @@ +/*! + * cookie-parser + * Copyright(c) 2014 TJ Holowaychuk + * Copyright(c) 2015 Douglas Christopher Wilson + * MIT Licensed + */ + +'use strict'; + +/** + * Module dependencies. + * @private + */ + +var cookie = require('cookie'); +var signature = require('cookie-signature'); + +/** + * Module exports. + * @public + */ + +module.exports = cookieParser; +module.exports.JSONCookie = JSONCookie; +module.exports.JSONCookies = JSONCookies; +module.exports.signedCookie = signedCookie; +module.exports.signedCookies = signedCookies; + +/** + * Parse Cookie header and populate `req.cookies` + * with an object keyed by the cookie names. + * + * @param {string|array} [secret] A string (or array of strings) representing cookie signing secret(s). + * @param {Object} [options] + * @return {Function} + * @public + */ + +function cookieParser(secret, options) { + return function cookieParser(req, res, next) { + if (req.cookies) { + return next(); + } + + var cookies = req.headers.cookie; + var secrets = !secret || Array.isArray(secret) + ? (secret || []) + : [secret]; + + req.secret = secrets[0]; + req.cookies = Object.create(null); + req.signedCookies = Object.create(null); + + // no cookies + if (!cookies) { + return next(); + } + + req.cookies = cookie.parse(cookies, options); + + // parse signed cookies + if (secrets.length !== 0) { + req.signedCookies = signedCookies(req.cookies, secrets); + req.signedCookies = JSONCookies(req.signedCookies); + } + + // parse JSON cookies + req.cookies = JSONCookies(req.cookies); + + next(); + }; +} + +/** + * Parse JSON cookie string. + * + * @param {String} str + * @return {Object} Parsed object or undefined if not json cookie + * @public + */ + +function JSONCookie(str) { + if (typeof str !== 'string' || str.substr(0, 2) !== 'j:') { + return undefined; + } + + try { + return JSON.parse(str.slice(2)); + } catch (err) { + return undefined; + } +} + +/** + * Parse JSON cookies. + * + * @param {Object} obj + * @return {Object} + * @public + */ + +function JSONCookies(obj) { + var cookies = Object.keys(obj); + var key; + var val; + + for (var i = 0; i < cookies.length; i++) { + key = cookies[i]; + val = JSONCookie(obj[key]); + + if (val) { + obj[key] = val; + } + } + + return obj; +} + +/** + * Parse a signed cookie string, return the decoded value. + * + * @param {String} str signed cookie string + * @param {string|array} secret + * @return {String} decoded value + * @public + */ + +function signedCookie(str, secret) { + if (typeof str !== 'string') { + return undefined; + } + + if (str.substr(0, 2) !== 's:') { + return str; + } + + var secrets = !secret || Array.isArray(secret) + ? (secret || []) + : [secret]; + + for (var i = 0; i < secrets.length; i++) { + var val = signature.unsign(str.slice(2), secrets[i]); + + if (val !== false) { + return val; + } + } + + return false; +} + +/** + * Parse signed cookies, returning an object containing the decoded key/value + * pairs, while removing the signed key from obj. + * + * @param {Object} obj + * @param {string|array} secret + * @return {Object} + * @public + */ + +function signedCookies(obj, secret) { + var cookies = Object.keys(obj); + var dec; + var key; + var ret = Object.create(null); + var val; + + for (var i = 0; i < cookies.length; i++) { + key = cookies[i]; + val = obj[key]; + dec = signedCookie(val, secret); + + if (val !== dec) { + ret[key] = dec; + delete obj[key]; + } + } + + return ret; +} diff --git a/node_modules/cookie-parser/package.json b/node_modules/cookie-parser/package.json new file mode 100644 index 0000000..c1aee12 --- /dev/null +++ b/node_modules/cookie-parser/package.json @@ -0,0 +1,76 @@ +{ + "_from": "cookie-parser@~1.4.3", + "_id": "cookie-parser@1.4.3", + "_inBundle": false, + "_integrity": "sha1-D+MfoZ0AC5X0qt8fU/3CuKIDuqU=", + "_location": "/cookie-parser", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "cookie-parser@~1.4.3", + "name": "cookie-parser", + "escapedName": "cookie-parser", + "rawSpec": "~1.4.3", + "saveSpec": null, + "fetchSpec": "~1.4.3" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.3.tgz", + "_shasum": "0fe31fa19d000b95f4aadf1f53fdc2b8a203baa5", + "_spec": "cookie-parser@~1.4.3", + "_where": "/home/marvin/IdeaProjects/untitled", + "author": { + "name": "TJ Holowaychuk", + "email": "tj@vision-media.ca", + "url": "http://tjholowaychuk.com" + }, + "bugs": { + "url": "https://github.com/expressjs/cookie-parser/issues" + }, + "bundleDependencies": false, + "contributors": [ + { + "name": "Douglas Christopher Wilson", + "email": "doug@somethingdoug.com" + } + ], + "dependencies": { + "cookie": "0.3.1", + "cookie-signature": "1.0.6" + }, + "deprecated": false, + "description": "cookie parsing with signatures", + "devDependencies": { + "istanbul": "0.4.3", + "mocha": "2.5.3", + "supertest": "1.1.0" + }, + "engines": { + "node": ">= 0.8.0" + }, + "files": [ + "LICENSE", + "HISTORY.md", + "index.js" + ], + "homepage": "https://github.com/expressjs/cookie-parser#readme", + "keywords": [ + "cookie", + "middleware" + ], + "license": "MIT", + "name": "cookie-parser", + "repository": { + "type": "git", + "url": "git+https://github.com/expressjs/cookie-parser.git" + }, + "scripts": { + "test": "mocha --reporter spec --bail --check-leaks test/", + "test-cov": "istanbul cover node_modules/mocha/bin/_mocha -- --reporter dot --check-leaks test/", + "test-travis": "istanbul cover node_modules/mocha/bin/_mocha --report lcovonly -- --reporter spec --check-leaks test/" + }, + "version": "1.4.3" +} |