diff --git a/HISTORY.md b/HISTORY.md index c0f46aa2..ef77098b 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -1,10 +1,11 @@ unreleased ========== + * Add `partitioned` to `cookie` options * Add `priority` to `cookie` options * Fix handling errors from setting cookie * Support any type in `secret` that `crypto.createHmac` supports - * deps: cookie@0.5.0 + * deps: cookie@0.6.0 - Fix `expires` option to reject invalid dates - perf: improve default decode speed - perf: remove slow string split in parse diff --git a/README.md b/README.md index 2ee2385e..b9b333b3 100644 --- a/README.md +++ b/README.md @@ -89,6 +89,18 @@ no maximum age is set. **Note** If both `expires` and `maxAge` are set in the options, then the last one defined in the object is what is used. +##### cookie.partitioned + +Specifies the `boolean` value for the [`Partitioned` `Set-Cookie`](rfc-cutler-httpbis-partitioned-cookies) +attribute. When truthy, the `Partitioned` attribute is set, otherwise it is not. +By default, the `Partitioned` attribute is not set. + +**Note** This is an attribute that has not yet been fully standardized, and may +change in the future. This also means many clients may ignore this attribute until +they understand it. + +More information about can be found in [the proposal](https://github.com/privacycg/CHIPS). + ##### cookie.path Specifies the value for the `Path` `Set-Cookie`. By default, this is set to `'/'`, which @@ -1002,6 +1014,7 @@ On Windows, use the corresponding command; [MIT](LICENSE) +[rfc-cutler-httpbis-partitioned-cookies]: https://tools.ietf.org/html/draft-cutler-httpbis-partitioned-cookies/ [rfc-6265bis-03-4.1.2.7]: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7 [rfc-west-cookie-priority-00-4.1]: https://tools.ietf.org/html/draft-west-cookie-priority-00#section-4.1 [ci-image]: https://badgen.net/github/checks/expressjs/session/master?label=ci diff --git a/package.json b/package.json index f3d663b4..52cd1d00 100644 --- a/package.json +++ b/package.json @@ -10,7 +10,7 @@ "repository": "expressjs/session", "license": "MIT", "dependencies": { - "cookie": "0.5.0", + "cookie": "0.6.0", "cookie-signature": "1.0.7", "debug": "2.6.9", "depd": "~2.0.0", diff --git a/session/cookie.js b/session/cookie.js index ff24d08b..8bb5907b 100644 --- a/session/cookie.js +++ b/session/cookie.js @@ -117,6 +117,7 @@ Cookie.prototype = { get data() { return { originalMaxAge: this.originalMaxAge, + partitioned: this.partitioned, priority: this.priority , expires: this._expires , secure: this.secure diff --git a/test/cookie.js b/test/cookie.js index 0869db9e..ea676e35 100644 --- a/test/cookie.js +++ b/test/cookie.js @@ -107,6 +107,14 @@ describe('new Cookie()', function () { }) }) + describe('partitioned', function () { + it('should set partitioned', function () { + var cookie = new Cookie({ partitioned: true }) + + assert.strictEqual(cookie.partitioned, true) + }) + }) + describe('path', function () { it('should set path', function () { var cookie = new Cookie({ path: '/foo' }) diff --git a/test/session.js b/test/session.js index e1b6419b..7bf3e51f 100644 --- a/test/session.js +++ b/test/session.js @@ -2233,6 +2233,41 @@ describe('session()', function(){ }) }) }) + + describe('.partitioned', function () { + describe('by default', function () { + it('should not set partitioned attribute', function (done) { + var server = createServer() + + request(server) + .get('/') + .expect(shouldSetCookieWithoutAttribute('connect.sid', 'Partitioned')) + .expect(200, done) + }) + }) + + describe('when "false"', function () { + it('should not set partitioned attribute', function (done) { + var server = createServer({ cookie: { partitioned: false } }) + + request(server) + .get('/') + .expect(shouldSetCookieWithoutAttribute('connect.sid', 'Partitioned')) + .expect(200, done) + }) + }) + + describe('when "true"', function () { + it('should set partitioned attribute', function (done) { + var server = createServer({ cookie: { partitioned: true } }) + + request(server) + .get('/') + .expect(shouldSetCookieWithAttribute('connect.sid', 'Partitioned')) + .expect(200, done) + }) + }) + }) }) })