From 4f2e43ccdecb8c3bc8eec47a7bc4ab92d42d4864 Mon Sep 17 00:00:00 2001
From: mum-never-proud
Date: Sat, 21 Mar 2020 09:47:30 +0530
Subject: [PATCH 1/4] added samesite support
---
 .gitignore | 1 +
 src/cookies.js | 7 +++++--
 2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/.gitignore b/.gitignore
index f1b2c6f..181aa4e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 /dist
+.DS_Store
 bower.json
\ No newline at end of file
diff --git a/src/cookies.js b/src/cookies.js
index ef202b7..71b5fb3 100644
--- a/src/cookies.js
+++ b/src/cookies.js
@@ -28,7 +28,8 @@
 Cookies.defaults = {
 path: '/',
- secure: false
+ secure: false,
+ sameSite: null
 };
 Cookies.get = function (key) {
@@ -59,7 +60,8 @@
 path: options && options.path || Cookies.defaults.path,
 domain: options && options.domain || Cookies.defaults.domain,
 expires: options && options.expires || Cookies.defaults.expires,
- secure: options && options.secure !== undefined ? options.secure : Cookies.defaults.secure
+ secure: options && options.secure !== undefined ? options.secure : Cookies.defaults.secure,
+ sameSite: options && options.sameSite || Cookies.defaults.sameSite
 };
 };
@@ -95,6 +97,7 @@
 cookieString += options.domain ? ';domain=' + options.domain : '';
 cookieString += options.expires ? ';expires=' + options.expires.toUTCString() : '';
 cookieString += options.secure ? ';secure' : '';
+ cookieString += options.sameSite ? ';SameSite=' + options.sameSite : '';
 return cookieString;
 };
From 62090294bfa2e735945b4747cfd2b6feb28fcf83 Mon Sep 17 00:00:00 2001
From: mum-never-proud
Date: Sat, 21 Mar 2020 09:57:07 +0530
Subject: [PATCH 2/4] tests for samesite
---
 tests/spec/cookies-spec.js | 36 ++++++++++++++++++++++++++++--------
 1 file changed, 28 insertions(+), 8 deletions(-)
diff --git a/tests/spec/cookies-spec.js b/tests/spec/cookies-spec.js
index c977764..6ae3598 100644
--- a/tests/spec/cookies-spec.js
+++ b/tests/spec/cookies-spec.js
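Review bot: In the `_getExtendedOptions` hunk of src/cookies.js (`@@ -59,7 +60,8 @@`), `sameSite` is resolved with `||`, so once `Cookies.defaults.sameSite` has been set a caller cannot switch the attribute off for a single cookie: `null`, `false` and `''` all fall back to the default. The `secure` line directly above uses an `undefined` check, and the same form would be `sameSite: options && options.sameSite !== undefined ? options.sameSite : Cookies.defaults.sameSite`. The function begins before this hunk, so only the returned object literal is visible here.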
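Review bot: The line added to `_generateCookieString` (`@@ -95,6 +97,7 @@`) appends `options.sameSite` to the cookie string unchecked, so any truthy value is written out, including a misspelt one that browsers will not honour or a string containing `;` that would add further attributes to the cookie. SameSite has three valid values, so the option can be matched against them first, for example `var sameSite = /^(strict|lax|none)$/i.test(options.sameSite) ? options.sameSite : '';` followed by `cookieString += sameSite ? ';SameSite=' + sameSite : '';`. Browsers that enforce the current SameSite rules also reject `SameSite=None` unless the cookie is `secure`, which neither this code nor the README change mentions; a comment such as `// SameSite=None is only accepted together with ;secure` would save callers a silent failure. The function starts and ends outside the hunk.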
@@ -58,6 +58,10 @@ describe('UNIT TESTS', function () {
 it('has a defined `secure` value of `false`', function () {
 expect(Cookies.defaults.secure).toBe(false);
 });
+
+ it('has a defined `sameSite` value of `null`', function () {
+ expect(Cookies.defaults.sameSite).toBe(null);
+ });
 });
 describe('Cookies.get(key)', function () {
@@ -139,7 +143,8 @@ describe('UNIT TESTS', function () {
 path: '/cookies',
 domain: 'www.scotthamper.com',
 expires: '01/01/2013 GMT',
- secure: false
+ secure: false,
+ sameSite: null
 };
 });
@@ -186,7 +191,8 @@ describe('UNIT TESTS', function () {
 path: Cookies.defaults.path,
 domain: Cookies.defaults.domain,
 expires: new Date(Cookies.defaults.expires),
- secure: Cookies.defaults.secure
+ secure: Cookies.defaults.secure,
+ sameSite: Cookies.defaults.sameSite
 };
 spyOn(Cookies, '_generateCookieString').andCallThrough();
@@ -230,7 +236,8 @@ describe('UNIT TESTS', function () {
 path: '/cookies',
 domain: 'www.scotthamper.com',
 expires: '01/01/2013',
- secure: false
+ secure: false,
+ sameSite: null
 };
 });
@@ -247,7 +254,8 @@ describe('UNIT TESTS', function () {
 path: '/nom',
 domain: 'www.github.com',
 expires: '02/02/2013',
- secure: true
+ secure: true,
+ sameSite: 'None'
 };
 expect(Cookies._getExtendedOptions(options)).toEqual(options);
@@ -260,7 +268,8 @@ describe('UNIT TESTS', function () {
 path: options.path,
 domain: Cookies.defaults.domain,
 expires: Cookies.defaults.expires,
- secure: Cookies.defaults.secure
+ secure: Cookies.defaults.secure,
+ sameSite: Cookies.defaults.sameSite
 });
 });
@@ -271,7 +280,8 @@ describe('UNIT TESTS', function () {
 path: Cookies.defaults.path,
 domain: options.domain,
 expires: Cookies.defaults.expires,
- secure: Cookies.defaults.secure
+ secure: Cookies.defaults.secure,
+ sameSite: Cookies.defaults.sameSite
 });
 });
@@ -282,7 +292,8 @@ describe('UNIT TESTS', function () {
 path: Cookies.defaults.path,
 domain: Cookies.defaults.domain,
 expires: options.expires,
- secure: Cookies.defaults.secure
+ secure: Cookies.defaults.secure,
+ sameSite: Cookies.defaults.sameSite
 });
 });
@@ -293,7 +304,8 @@ describe('UNIT TESTS', function () {
 path: Cookies.defaults.path,
 domain: Cookies.defaults.domain,
 expires: Cookies.defaults.expires,
- secure: options.secure
+ secure: options.secure,
+ sameSite: Cookies.defaults.sameSite
 });
 });
@@ -311,6 +323,7 @@ describe('UNIT TESTS', function () {
 expect(options.domain).toBeUndefined();
 expect(options.expires).toBeUndefined();
 expect(options.secure).toBeUndefined();
+ expect(options.sameSite).toBeUndefined();
 });
 });
@@ -434,6 +447,13 @@ describe('UNIT TESTS', function () {
 var options = { secure: true };
 expect(Cookies._generateCookieString(key, value, options)).toEqual('key=value;secure');
 });
+
+ it('includes the SameSite flag when `options.sameSite` is defined', function () {
+ var options = { sameSite: 'None' };
+ var expected = 'key=value;SameSite=None';
+
+ expect(Cookies._generateCookieString(key, value, options)).toEqual(expected);
+ });
 });
 describe('Cookies._getCacheFromString(documentCookie)', function () {
From 71866057af1b82fb977ed3eea75200908fcb432c Mon Sep 17 00:00:00 2001
From: mum-never-proud
Date: Sat, 21 Mar 2020 10:10:33 +0530
Subject: [PATCH 3/4] updated readme
---
 README.md | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)
diff --git a/README.md b/README.md
index d9c455b..887f576 100644
--- a/README.md
+++ b/README.md
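Review bot: The spec added in the last hunk of tests/spec/cookies-spec.js (`@@ -434,6 +447,13 @@`) pins `'key=value;SameSite=None'`, a cookie without `secure`, which browsers enforcing the current SameSite rules refuse to store; the example would be more representative with `var options = { secure: true, sameSite: 'None' };` and `'key=value;secure;SameSite=None'`, or simply with `'Lax'`. None of the hunks adds a spec for `'Strict'` or `'Lax'`, or for an unrecognised value. The `_getExtendedOptions` specs, which have one case per option for path, domain, expires and secure, gain no case where only `sameSite` is supplied. The enclosing `describe` blocks start outside the hunks.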
@@ -84,12 +84,13 @@ and [System.Uri.UnescapeDataString](http://msdn.microsoft.com/en-us/library/syst
 Sets a cookie in the document. If the cookie does not already exist, it will be created. Returns the `Cookies` object.
-| Option | Description | Default |
-| --------: | ------------------------------------------------------------------------------------------------ | ----------- |
-| *path* | A string value of the path of the cookie | `"/"` |
-| *domain* | A string value of the domain of the cookie | `undefined` |
-| *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
-| *secure* | A boolean value of whether or not the cookie should only be available over SSL | `false` |
+| Option | Description | Default |
+| ---------: | -------------------------------------------------------------------------------------------------------------------| ----------- |
+| *path* | A string value of the path of the cookie | `"/"` |
+| *domain* | A string value of the domain of the cookie | `undefined` |
+| *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
+| *secure* | A boolean value of whether or not the cookie should only be available over SSL | `false` |
+| *SameSite* | A string value that allows you to declare if you cookies should be restruited to first party or same site context | `null` |
 A default value for any option may be set in the `Cookies.defaults` object.
@@ -171,12 +172,13 @@ if (Cookies.enabled) {
 #### Cookies.defaults
 An object representing default options to be used when setting and expiring cookie values.
-| Option | Description | Default |
-| --------: | ------------------------------------------------------------------------------------------------ | ----------- |
-| *path* | A string value of the path of the cookie | `"/"` |
-| *domain* | A string value of the domain of the cookie | `undefined` |
-| *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
-| *secure* | A boolean value of whether or not the cookie should only be available over SSL | `false` |
+| Option | Description | Default |
+| ---------: | ------------------------------------------------------------------------------------------------------------------| ----------- |
+| *path* | A string value of the path of the cookie | `"/"` |
+| *domain* | A string value of the domain of the cookie | `undefined` |
+| *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
+| *secure* | A boolean value of whether or not the cookie should only be available over SSL | `false` |
+| *SameSite* | A string value that allows you to declare if you cookies should be restruited to first party or same site context | `null` |
 **Example Usage**
 ```javascript
From 00cfd1ce6765bee209a6eb53f2df23287022bb67 Mon Sep 17 00:00:00 2001
From: mum-never-proud
Date: Sat, 21 Mar 2020 10:13:15 +0530
Subject: [PATCH 4/4] typo
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 887f576..f1475e2 100644
--- a/README.md
+++ b/README.md
@@ -90,7 +90,7 @@ Sets a cookie in the document. If the cookie does not already exist, it will be
 | *domain* | A string value of the domain of the cookie | `undefined` |
 | *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
 | *secure* | A boolean value of whether or not the cookie should only be available over SSL | `false` |
-| *SameSite* | A string value that allows you to declare if you cookies should be restruited to first party or same site context | `null` |
+| *SameSite* | A string value that allows you to declare if the cookies should be restrcited to first party or same site context | `null` |
 A default value for any option may be set in the `Cookies.defaults` object.
@@ -178,7 +178,7 @@ An object representing default options to be used when setting and expiring cook
 | *domain* | A string value of the domain of the cookie | `undefined` |
 | *expires* | A number (of seconds), a date parsable string, or a `Date` object of when the cookie will expire | `undefined` |
 | *secure* | A boolean value of whether or not the cookie should only be available over SSL | `false` |
-| *SameSite* | A string value that allows you to declare if you cookies should be restruited to first party or same site context | `null` |
+| *SameSite* | A string value that allows you to declare if the cookies should be restrcited to first party or same site context | `null` |
 **Example Usage**
 ```javascript