From 709c9992e3494bbcd0addaa0735b8e71ea284e96 Mon Sep 17 00:00:00 2001 From: Rich Harris Date: Mon, 1 Oct 2018 22:47:11 -0400 Subject: [PATCH] more robust cookies --- .../src/server/middleware/get_page_handler.ts | 28 ++++++++++--------- test/app/src/routes/credentials/test.json.js | 15 ++++------ test/app/src/server.js | 2 +- test/common/test.js | 4 +-- 4 files changed, 23 insertions(+), 26 deletions(-) diff --git a/templates/src/server/middleware/get_page_handler.ts b/templates/src/server/middleware/get_page_handler.ts index 338ebab8f..5be58d9c2 100644 --- a/templates/src/server/middleware/get_page_handler.ts +++ b/templates/src/server/middleware/get_page_handler.ts @@ -93,19 +93,21 @@ export function get_page_handler( if (include_cookies) { if (!opts.headers) opts.headers = {}; - const str = [] - .concat( - cookie.parse(req.headers.cookie || ''), - cookie.parse(opts.headers.cookie || ''), - cookie.parse(res.getHeader('Set-Cookie') || '') - ) - .map(cookie => { - return Object.keys(cookie) - .map(name => `${name}=${encodeURIComponent(cookie[name])}`) - .join('; '); - }) - .filter(Boolean) - .join(', '); + const cookies = Object.assign( + {}, + cookie.parse(req.headers.cookie || ''), + cookie.parse(opts.headers.cookie || '') + ); + + const set_cookie = res.getHeader('Set-Cookie'); + (Array.isArray(set_cookie) ? set_cookie : [set_cookie]).forEach(str => { + const match = /([^=]+)=([^;]+)/.exec(str); + if (match) cookies[match[1]] = match[2]; + }); + + const str = Object.keys(cookies) + .map(key => `${key}=${cookies[key]}`) + .join('; '); opts.headers.cookie = str; } diff --git a/test/app/src/routes/credentials/test.json.js b/test/app/src/routes/credentials/test.json.js index 3e7a549e0..9522a0729 100644 --- a/test/app/src/routes/credentials/test.json.js +++ b/test/app/src/routes/credentials/test.json.js @@ -1,20 +1,15 @@ +import cookie from 'cookie'; + export function get(req, res) { - const cookies = req.headers.cookie - ? req.headers.cookie.split(/,\s+/).reduce((cookies, cookie) => { - const [pair] = cookie.split('; '); - const [name, value] = pair.split('='); - cookies[name] = value; - return cookies; - }, {}) - : {}; + if (req.headers.cookie) { + const cookies = cookie.parse(req.headers.cookie); - if (cookies.test) { res.writeHead(200, { 'Content-Type': 'application/json' }); res.end(JSON.stringify({ - message: cookies.test + message: `a: ${cookies.a}, b: ${cookies.b}, max-age: ${cookies['max-age']}` })); } else { res.writeHead(403, { diff --git a/test/app/src/server.js b/test/app/src/server.js index 5415f7d8d..b75ceeb7d 100644 --- a/test/app/src/server.js +++ b/test/app/src/server.js @@ -44,7 +44,7 @@ const middlewares = [ // set test cookie (req, res, next) => { - res.setHeader('Set-Cookie', 'test=woohoo!; Max-Age=3600'); + res.setHeader('Set-Cookie', ['a=1; Path=/', 'b=2; Path=/']); next(); }, diff --git a/test/common/test.js b/test/common/test.js index 644b0338f..686c30327 100644 --- a/test/common/test.js +++ b/test/common/test.js @@ -623,7 +623,7 @@ function run({ mode, basepath = '' }) { return nightmare.goto(`${base}/credentials?creds=include`) .page.title() .then(title => { - assert.equal(title, 'woohoo!'); + assert.equal(title, 'a: 1, b: 2, max-age: undefined'); }); }); @@ -641,7 +641,7 @@ function run({ mode, basepath = '' }) { .wait(100) .page.title() .then(title => { - assert.equal(title, 'woohoo!'); + assert.equal(title, 'a: 1, b: 2, max-age: undefined'); }); });