123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671 |
- "use strict";
- const punycode = require("punycode");
- const urlParse = require("url").parse;
- const util = require("util");
- const pubsuffix = require("./pubsuffix-psl");
- const Store = require("./store").Store;
- const MemoryCookieStore = require("./memstore").MemoryCookieStore;
- const pathMatch = require("./pathMatch").pathMatch;
- const VERSION = require("./version");
- const { fromCallback } = require("universalify");
- const COOKIE_OCTETS = /^[\x21\x23-\x2B\x2D-\x3A\x3C-\x5B\x5D-\x7E]+$/;
- const CONTROL_CHARS = /[\x00-\x1F]/;
- const TERMINATORS = ["\n", "\r", "\0"];
- const PATH_VALUE = /[\x20-\x3A\x3C-\x7E]+/;
- const DATE_DELIM = /[\x09\x20-\x2F\x3B-\x40\x5B-\x60\x7B-\x7E]/;
- const MONTH_TO_NUM = {
- jan: 0,
- feb: 1,
- mar: 2,
- apr: 3,
- may: 4,
- jun: 5,
- jul: 6,
- aug: 7,
- sep: 8,
- oct: 9,
- nov: 10,
- dec: 11
- };
- const MAX_TIME = 2147483647000;
- const MIN_TIME = 0;
- const SAME_SITE_CONTEXT_VAL_ERR =
- 'Invalid sameSiteContext option for getCookies(); expected one of "strict", "lax", or "none"';
- function checkSameSiteContext(value) {
- const context = String(value).toLowerCase();
- if (context === "none" || context === "lax" || context === "strict") {
- return context;
- } else {
- return null;
- }
- }
- const PrefixSecurityEnum = Object.freeze({
- SILENT: "silent",
- STRICT: "strict",
- DISABLED: "unsafe-disabled"
- });
- var IP_REGEX_LOWERCASE =/(?:^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$)|(?:^(?:(?:[a-f\d]{1,4}:){7}(?:[a-f\d]{1,4}|:)|(?:[a-f\d]{1,4}:){6}(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|:[a-f\d]{1,4}|:)|(?:[a-f\d]{1,4}:){5}(?::(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|(?::[a-f\d]{1,4}){1,2}|:)|(?:[a-f\d]{1,4}:){4}(?:(?::[a-f\d]{1,4}){0,1}:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|(?::[a-f\d]{1,4}){1,3}|:)|(?:[a-f\d]{1,4}:){3}(?:(?::[a-f\d]{1,4}){0,2}:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|(?::[a-f\d]{1,4}){1,4}|:)|(?:[a-f\d]{1,4}:){2}(?:(?::[a-f\d]{1,4}){0,3}:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|(?::[a-f\d]{1,4}){1,5}|:)|(?:[a-f\d]{1,4}:){1}(?:(?::[a-f\d]{1,4}){0,4}:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|(?::[a-f\d]{1,4}){1,6}|:)|(?::(?:(?::[a-f\d]{1,4}){0,5}:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}|(?::[a-f\d]{1,4}){1,7}|:)))$)/;
- function parseDigits(token, minDigits, maxDigits, trailingOK) {
- let count = 0;
- while (count < token.length) {
- const c = token.charCodeAt(count);
-
- if (c <= 0x2f || c >= 0x3a) {
- break;
- }
- count++;
- }
-
- if (count < minDigits || count > maxDigits) {
- return null;
- }
- if (!trailingOK && count != token.length) {
- return null;
- }
- return parseInt(token.substr(0, count), 10);
- }
- function parseTime(token) {
- const parts = token.split(":");
- const result = [0, 0, 0];
-
- if (parts.length !== 3) {
- return null;
- }
- for (let i = 0; i < 3; i++) {
-
-
-
- const trailingOK = i == 2;
- const num = parseDigits(parts[i], 1, 2, trailingOK);
- if (num === null) {
- return null;
- }
- result[i] = num;
- }
- return result;
- }
- function parseMonth(token) {
- token = String(token)
- .substr(0, 3)
- .toLowerCase();
- const num = MONTH_TO_NUM[token];
- return num >= 0 ? num : null;
- }
- function parseDate(str) {
- if (!str) {
- return;
- }
-
- const tokens = str.split(DATE_DELIM);
- if (!tokens) {
- return;
- }
- let hour = null;
- let minute = null;
- let second = null;
- let dayOfMonth = null;
- let month = null;
- let year = null;
- for (let i = 0; i < tokens.length; i++) {
- const token = tokens[i].trim();
- if (!token.length) {
- continue;
- }
- let result;
-
- if (second === null) {
- result = parseTime(token);
- if (result) {
- hour = result[0];
- minute = result[1];
- second = result[2];
- continue;
- }
- }
-
- if (dayOfMonth === null) {
-
- result = parseDigits(token, 1, 2, true);
- if (result !== null) {
- dayOfMonth = result;
- continue;
- }
- }
-
- if (month === null) {
- result = parseMonth(token);
- if (result !== null) {
- month = result;
- continue;
- }
- }
-
- if (year === null) {
-
- result = parseDigits(token, 2, 4, true);
- if (result !== null) {
- year = result;
-
- if (year >= 70 && year <= 99) {
- year += 1900;
- } else if (year >= 0 && year <= 69) {
- year += 2000;
- }
- }
- }
- }
-
- if (
- dayOfMonth === null ||
- month === null ||
- year === null ||
- second === null ||
- dayOfMonth < 1 ||
- dayOfMonth > 31 ||
- year < 1601 ||
- hour > 23 ||
- minute > 59 ||
- second > 59
- ) {
- return;
- }
- return new Date(Date.UTC(year, month, dayOfMonth, hour, minute, second));
- }
- function formatDate(date) {
- return date.toUTCString();
- }
- function canonicalDomain(str) {
- if (str == null) {
- return null;
- }
- str = str.trim().replace(/^\./, "");
-
- if (punycode && /[^\u0001-\u007f]/.test(str)) {
- str = punycode.toASCII(str);
- }
- return str.toLowerCase();
- }
- function domainMatch(str, domStr, canonicalize) {
- if (str == null || domStr == null) {
- return null;
- }
- if (canonicalize !== false) {
- str = canonicalDomain(str);
- domStr = canonicalDomain(domStr);
- }
-
- if (str == domStr) {
- return true;
- }
-
-
- const idx = str.indexOf(domStr);
- if (idx <= 0) {
- return false;
- }
-
-
-
- if (str.length !== domStr.length + idx) {
- return false;
- }
-
- if (str.substr(idx-1,1) !== '.') {
- return false;
- }
-
- if (IP_REGEX_LOWERCASE.test(str)) {
- return false;
- }
- return true;
- }
- function defaultPath(path) {
-
-
- if (!path || path.substr(0, 1) !== "/") {
- return "/";
- }
-
-
- if (path === "/") {
- return path;
- }
- const rightSlash = path.lastIndexOf("/");
- if (rightSlash === 0) {
- return "/";
- }
-
-
- return path.slice(0, rightSlash);
- }
- function trimTerminator(str) {
- for (let t = 0; t < TERMINATORS.length; t++) {
- const terminatorIdx = str.indexOf(TERMINATORS[t]);
- if (terminatorIdx !== -1) {
- str = str.substr(0, terminatorIdx);
- }
- }
- return str;
- }
- function parseCookiePair(cookiePair, looseMode) {
- cookiePair = trimTerminator(cookiePair);
- let firstEq = cookiePair.indexOf("=");
- if (looseMode) {
- if (firstEq === 0) {
-
- cookiePair = cookiePair.substr(1);
- firstEq = cookiePair.indexOf("=");
- }
- } else {
-
- if (firstEq <= 0) {
-
- return;
- }
- }
- let cookieName, cookieValue;
- if (firstEq <= 0) {
- cookieName = "";
- cookieValue = cookiePair.trim();
- } else {
- cookieName = cookiePair.substr(0, firstEq).trim();
- cookieValue = cookiePair.substr(firstEq + 1).trim();
- }
- if (CONTROL_CHARS.test(cookieName) || CONTROL_CHARS.test(cookieValue)) {
- return;
- }
- const c = new Cookie();
- c.key = cookieName;
- c.value = cookieValue;
- return c;
- }
- function parse(str, options) {
- if (!options || typeof options !== "object") {
- options = {};
- }
- str = str.trim();
-
- const firstSemi = str.indexOf(";");
- const cookiePair = firstSemi === -1 ? str : str.substr(0, firstSemi);
- const c = parseCookiePair(cookiePair, !!options.loose);
- if (!c) {
- return;
- }
- if (firstSemi === -1) {
- return c;
- }
-
-
-
- const unparsed = str.slice(firstSemi + 1).trim();
-
-
- if (unparsed.length === 0) {
- return c;
- }
-
- const cookie_avs = unparsed.split(";");
- while (cookie_avs.length) {
- const av = cookie_avs.shift().trim();
- if (av.length === 0) {
-
- continue;
- }
- const av_sep = av.indexOf("=");
- let av_key, av_value;
- if (av_sep === -1) {
- av_key = av;
- av_value = null;
- } else {
- av_key = av.substr(0, av_sep);
- av_value = av.substr(av_sep + 1);
- }
- av_key = av_key.trim().toLowerCase();
- if (av_value) {
- av_value = av_value.trim();
- }
- switch (av_key) {
- case "expires":
- if (av_value) {
- const exp = parseDate(av_value);
-
-
- if (exp) {
-
-
- c.expires = exp;
- }
- }
- break;
- case "max-age":
- if (av_value) {
-
-
-
- if (/^-?[0-9]+$/.test(av_value)) {
- const delta = parseInt(av_value, 10);
-
-
- c.setMaxAge(delta);
- }
- }
- break;
- case "domain":
-
-
- if (av_value) {
-
-
- const domain = av_value.trim().replace(/^\./, "");
- if (domain) {
-
- c.domain = domain.toLowerCase();
- }
- }
- break;
- case "path":
-
- c.path = av_value && av_value[0] === "/" ? av_value : null;
- break;
- case "secure":
-
- c.secure = true;
- break;
- case "httponly":
- c.httpOnly = true;
- break;
- case "samesite":
- const enforcement = av_value ? av_value.toLowerCase() : "";
- switch (enforcement) {
- case "strict":
- c.sameSite = "strict";
- break;
- case "lax":
- c.sameSite = "lax";
- break;
- default:
-
-
-
-
- break;
- }
- break;
- default:
- c.extensions = c.extensions || [];
- c.extensions.push(av);
- break;
- }
- }
- return c;
- }
- function isSecurePrefixConditionMet(cookie) {
- return !cookie.key.startsWith("__Secure-") || cookie.secure;
- }
- function isHostPrefixConditionMet(cookie) {
- return (
- !cookie.key.startsWith("__Host-") ||
- (cookie.secure &&
- cookie.hostOnly &&
- cookie.path != null &&
- cookie.path === "/")
- );
- }
- function jsonParse(str) {
- let obj;
- try {
- obj = JSON.parse(str);
- } catch (e) {
- return e;
- }
- return obj;
- }
- function fromJSON(str) {
- if (!str) {
- return null;
- }
- let obj;
- if (typeof str === "string") {
- obj = jsonParse(str);
- if (obj instanceof Error) {
- return null;
- }
- } else {
-
- obj = str;
- }
- const c = new Cookie();
- for (let i = 0; i < Cookie.serializableProperties.length; i++) {
- const prop = Cookie.serializableProperties[i];
- if (obj[prop] === undefined || obj[prop] === cookieDefaults[prop]) {
- continue;
- }
- if (prop === "expires" || prop === "creation" || prop === "lastAccessed") {
- if (obj[prop] === null) {
- c[prop] = null;
- } else {
- c[prop] = obj[prop] == "Infinity" ? "Infinity" : new Date(obj[prop]);
- }
- } else {
- c[prop] = obj[prop];
- }
- }
- return c;
- }
- function cookieCompare(a, b) {
- let cmp = 0;
-
- const aPathLen = a.path ? a.path.length : 0;
- const bPathLen = b.path ? b.path.length : 0;
- cmp = bPathLen - aPathLen;
- if (cmp !== 0) {
- return cmp;
- }
-
- const aTime = a.creation ? a.creation.getTime() : MAX_TIME;
- const bTime = b.creation ? b.creation.getTime() : MAX_TIME;
- cmp = aTime - bTime;
- if (cmp !== 0) {
- return cmp;
- }
-
- cmp = a.creationIndex - b.creationIndex;
- return cmp;
- }
- function permutePath(path) {
- if (path === "/") {
- return ["/"];
- }
- const permutations = [path];
- while (path.length > 1) {
- const lindex = path.lastIndexOf("/");
- if (lindex === 0) {
- break;
- }
- path = path.substr(0, lindex);
- permutations.push(path);
- }
- permutations.push("/");
- return permutations;
- }
- function getCookieContext(url) {
- if (url instanceof Object) {
- return url;
- }
-
-
- try {
- url = decodeURI(url);
- } catch (err) {
-
- }
- return urlParse(url);
- }
- const cookieDefaults = {
-
- key: "",
- value: "",
- expires: "Infinity",
- maxAge: null,
- domain: null,
- path: null,
- secure: false,
- httpOnly: false,
- extensions: null,
-
- hostOnly: null,
- pathIsDefault: null,
- creation: null,
- lastAccessed: null,
- sameSite: "none"
- };
- class Cookie {
- constructor(options = {}) {
- if (util.inspect.custom) {
- this[util.inspect.custom] = this.inspect;
- }
- Object.assign(this, cookieDefaults, options);
- this.creation = this.creation || new Date();
-
- Object.defineProperty(this, "creationIndex", {
- configurable: false,
- enumerable: false,
- writable: true,
- value: ++Cookie.cookiesCreated
- });
- }
- inspect() {
- const now = Date.now();
- const hostOnly = this.hostOnly != null ? this.hostOnly : "?";
- const createAge = this.creation
- ? `${now - this.creation.getTime()}ms`
- : "?";
- const accessAge = this.lastAccessed
- ? `${now - this.lastAccessed.getTime()}ms`
- : "?";
- return `Cookie="${this.toString()}; hostOnly=${hostOnly}; aAge=${accessAge}; cAge=${createAge}"`;
- }
- toJSON() {
- const obj = {};
- for (const prop of Cookie.serializableProperties) {
- if (this[prop] === cookieDefaults[prop]) {
- continue;
- }
- if (
- prop === "expires" ||
- prop === "creation" ||
- prop === "lastAccessed"
- ) {
- if (this[prop] === null) {
- obj[prop] = null;
- } else {
- obj[prop] =
- this[prop] == "Infinity"
- ? "Infinity"
- : this[prop].toISOString();
- }
- } else if (prop === "maxAge") {
- if (this[prop] !== null) {
-
- obj[prop] =
- this[prop] == Infinity || this[prop] == -Infinity
- ? this[prop].toString()
- : this[prop];
- }
- } else {
- if (this[prop] !== cookieDefaults[prop]) {
- obj[prop] = this[prop];
- }
- }
- }
- return obj;
- }
- clone() {
- return fromJSON(this.toJSON());
- }
- validate() {
- if (!COOKIE_OCTETS.test(this.value)) {
- return false;
- }
- if (
- this.expires != Infinity &&
- !(this.expires instanceof Date) &&
- !parseDate(this.expires)
- ) {
- return false;
- }
- if (this.maxAge != null && this.maxAge <= 0) {
- return false;
- }
- if (this.path != null && !PATH_VALUE.test(this.path)) {
- return false;
- }
- const cdomain = this.cdomain();
- if (cdomain) {
- if (cdomain.match(/\.$/)) {
- return false;
- }
- const suffix = pubsuffix.getPublicSuffix(cdomain);
- if (suffix == null) {
-
- return false;
- }
- }
- return true;
- }
- setExpires(exp) {
- if (exp instanceof Date) {
- this.expires = exp;
- } else {
- this.expires = parseDate(exp) || "Infinity";
- }
- }
- setMaxAge(age) {
- if (age === Infinity || age === -Infinity) {
- this.maxAge = age.toString();
- } else {
- this.maxAge = age;
- }
- }
- cookieString() {
- let val = this.value;
- if (val == null) {
- val = "";
- }
- if (this.key === "") {
- return val;
- }
- return `${this.key}=${val}`;
- }
-
- toString() {
- let str = this.cookieString();
- if (this.expires != Infinity) {
- if (this.expires instanceof Date) {
- str += `; Expires=${formatDate(this.expires)}`;
- } else {
- str += `; Expires=${this.expires}`;
- }
- }
- if (this.maxAge != null && this.maxAge != Infinity) {
- str += `; Max-Age=${this.maxAge}`;
- }
- if (this.domain && !this.hostOnly) {
- str += `; Domain=${this.domain}`;
- }
- if (this.path) {
- str += `; Path=${this.path}`;
- }
- if (this.secure) {
- str += "; Secure";
- }
- if (this.httpOnly) {
- str += "; HttpOnly";
- }
- if (this.sameSite && this.sameSite !== "none") {
- const ssCanon = Cookie.sameSiteCanonical[this.sameSite.toLowerCase()];
- str += `; SameSite=${ssCanon ? ssCanon : this.sameSite}`;
- }
- if (this.extensions) {
- this.extensions.forEach(ext => {
- str += `; ${ext}`;
- });
- }
- return str;
- }
-
-
-
-
- TTL(now) {
-
- if (this.maxAge != null) {
- return this.maxAge <= 0 ? 0 : this.maxAge * 1000;
- }
- let expires = this.expires;
- if (expires != Infinity) {
- if (!(expires instanceof Date)) {
- expires = parseDate(expires) || Infinity;
- }
- if (expires == Infinity) {
- return Infinity;
- }
- return expires.getTime() - (now || Date.now());
- }
- return Infinity;
- }
-
-
- expiryTime(now) {
- if (this.maxAge != null) {
- const relativeTo = now || this.creation || new Date();
- const age = this.maxAge <= 0 ? -Infinity : this.maxAge * 1000;
- return relativeTo.getTime() + age;
- }
- if (this.expires == Infinity) {
- return Infinity;
- }
- return this.expires.getTime();
- }
-
-
- expiryDate(now) {
- const millisec = this.expiryTime(now);
- if (millisec == Infinity) {
- return new Date(MAX_TIME);
- } else if (millisec == -Infinity) {
- return new Date(MIN_TIME);
- } else {
- return new Date(millisec);
- }
- }
-
- isPersistent() {
- return this.maxAge != null || this.expires != Infinity;
- }
-
- canonicalizedDomain() {
- if (this.domain == null) {
- return null;
- }
- return canonicalDomain(this.domain);
- }
- cdomain() {
- return this.canonicalizedDomain();
- }
- }
- Cookie.cookiesCreated = 0;
- Cookie.parse = parse;
- Cookie.fromJSON = fromJSON;
- Cookie.serializableProperties = Object.keys(cookieDefaults);
- Cookie.sameSiteLevel = {
- strict: 3,
- lax: 2,
- none: 1
- };
- Cookie.sameSiteCanonical = {
- strict: "Strict",
- lax: "Lax"
- };
- function getNormalizedPrefixSecurity(prefixSecurity) {
- if (prefixSecurity != null) {
- const normalizedPrefixSecurity = prefixSecurity.toLowerCase();
-
- switch (normalizedPrefixSecurity) {
- case PrefixSecurityEnum.STRICT:
- case PrefixSecurityEnum.SILENT:
- case PrefixSecurityEnum.DISABLED:
- return normalizedPrefixSecurity;
- }
- }
-
- return PrefixSecurityEnum.SILENT;
- }
- class CookieJar {
- constructor(store, options = { rejectPublicSuffixes: true }) {
- if (typeof options === "boolean") {
- options = { rejectPublicSuffixes: options };
- }
- this.rejectPublicSuffixes = options.rejectPublicSuffixes;
- this.enableLooseMode = !!options.looseMode;
- this.allowSpecialUseDomain = !!options.allowSpecialUseDomain;
- this.store = store || new MemoryCookieStore();
- this.prefixSecurity = getNormalizedPrefixSecurity(options.prefixSecurity);
- this._cloneSync = syncWrap("clone");
- this._importCookiesSync = syncWrap("_importCookies");
- this.getCookiesSync = syncWrap("getCookies");
- this.getCookieStringSync = syncWrap("getCookieString");
- this.getSetCookieStringsSync = syncWrap("getSetCookieStrings");
- this.removeAllCookiesSync = syncWrap("removeAllCookies");
- this.setCookieSync = syncWrap("setCookie");
- this.serializeSync = syncWrap("serialize");
- }
- setCookie(cookie, url, options, cb) {
- let err;
- const context = getCookieContext(url);
- if (typeof options === "function") {
- cb = options;
- options = {};
- }
- const host = canonicalDomain(context.hostname);
- const loose = options.loose || this.enableLooseMode;
- let sameSiteContext = null;
- if (options.sameSiteContext) {
- sameSiteContext = checkSameSiteContext(options.sameSiteContext);
- if (!sameSiteContext) {
- return cb(new Error(SAME_SITE_CONTEXT_VAL_ERR));
- }
- }
-
- if (typeof cookie === "string" || cookie instanceof String) {
- cookie = Cookie.parse(cookie, { loose: loose });
- if (!cookie) {
- err = new Error("Cookie failed to parse");
- return cb(options.ignoreError ? null : err);
- }
- } else if (!(cookie instanceof Cookie)) {
-
-
- err = new Error(
- "First argument to setCookie must be a Cookie object or string"
- );
- return cb(options.ignoreError ? null : err);
- }
-
- const now = options.now || new Date();
-
-
-
- if (this.rejectPublicSuffixes && cookie.domain) {
- const suffix = pubsuffix.getPublicSuffix(cookie.cdomain());
- if (suffix == null) {
-
- err = new Error("Cookie has domain set to a public suffix");
- return cb(options.ignoreError ? null : err);
- }
- }
-
- if (cookie.domain) {
- if (!domainMatch(host, cookie.cdomain(), false)) {
- err = new Error(
- `Cookie not in this host's domain. Cookie:${cookie.cdomain()} Request:${host}`
- );
- return cb(options.ignoreError ? null : err);
- }
- if (cookie.hostOnly == null) {
-
- cookie.hostOnly = false;
- }
- } else {
- cookie.hostOnly = true;
- cookie.domain = host;
- }
-
-
-
- if (!cookie.path || cookie.path[0] !== "/") {
- cookie.path = defaultPath(context.pathname);
- cookie.pathIsDefault = true;
- }
-
-
-
- if (options.http === false && cookie.httpOnly) {
- err = new Error("Cookie is HttpOnly and this isn't an HTTP API");
- return cb(options.ignoreError ? null : err);
- }
-
- if (cookie.sameSite !== "none" && sameSiteContext) {
-
-
-
-
- if (sameSiteContext === "none") {
- err = new Error(
- "Cookie is SameSite but this is a cross-origin request"
- );
- return cb(options.ignoreError ? null : err);
- }
- }
-
- const ignoreErrorForPrefixSecurity =
- this.prefixSecurity === PrefixSecurityEnum.SILENT;
- const prefixSecurityDisabled =
- this.prefixSecurity === PrefixSecurityEnum.DISABLED;
-
- if (!prefixSecurityDisabled) {
- let errorFound = false;
- let errorMsg;
-
- if (!isSecurePrefixConditionMet(cookie)) {
- errorFound = true;
- errorMsg = "Cookie has __Secure prefix but Secure attribute is not set";
- } else if (!isHostPrefixConditionMet(cookie)) {
-
- errorFound = true;
- errorMsg =
- "Cookie has __Host prefix but either Secure or HostOnly attribute is not set or Path is not '/'";
- }
- if (errorFound) {
- return cb(
- options.ignoreError || ignoreErrorForPrefixSecurity
- ? null
- : new Error(errorMsg)
- );
- }
- }
- const store = this.store;
- if (!store.updateCookie) {
- store.updateCookie = function(oldCookie, newCookie, cb) {
- this.putCookie(newCookie, cb);
- };
- }
- function withCookie(err, oldCookie) {
- if (err) {
- return cb(err);
- }
- const next = function(err) {
- if (err) {
- return cb(err);
- } else {
- cb(null, cookie);
- }
- };
- if (oldCookie) {
-
-
- if (options.http === false && oldCookie.httpOnly) {
-
- err = new Error("old Cookie is HttpOnly and this isn't an HTTP API");
- return cb(options.ignoreError ? null : err);
- }
- cookie.creation = oldCookie.creation;
- cookie.creationIndex = oldCookie.creationIndex;
- cookie.lastAccessed = now;
-
- store.updateCookie(oldCookie, cookie, next);
- } else {
- cookie.creation = cookie.lastAccessed = now;
- store.putCookie(cookie, next);
- }
- }
- store.findCookie(cookie.domain, cookie.path, cookie.key, withCookie);
- }
-
- getCookies(url, options, cb) {
- const context = getCookieContext(url);
- if (typeof options === "function") {
- cb = options;
- options = {};
- }
- const host = canonicalDomain(context.hostname);
- const path = context.pathname || "/";
- let secure = options.secure;
- if (
- secure == null &&
- context.protocol &&
- (context.protocol == "https:" || context.protocol == "wss:")
- ) {
- secure = true;
- }
- let sameSiteLevel = 0;
- if (options.sameSiteContext) {
- const sameSiteContext = checkSameSiteContext(options.sameSiteContext);
- sameSiteLevel = Cookie.sameSiteLevel[sameSiteContext];
- if (!sameSiteLevel) {
- return cb(new Error(SAME_SITE_CONTEXT_VAL_ERR));
- }
- }
- let http = options.http;
- if (http == null) {
- http = true;
- }
- const now = options.now || Date.now();
- const expireCheck = options.expire !== false;
- const allPaths = !!options.allPaths;
- const store = this.store;
- function matchingCookie(c) {
-
-
-
-
-
-
- if (c.hostOnly) {
- if (c.domain != host) {
- return false;
- }
- } else {
- if (!domainMatch(host, c.domain, false)) {
- return false;
- }
- }
-
- if (!allPaths && !pathMatch(path, c.path)) {
- return false;
- }
-
-
- if (c.secure && !secure) {
- return false;
- }
-
-
- if (c.httpOnly && !http) {
- return false;
- }
-
- if (sameSiteLevel) {
- const cookieLevel = Cookie.sameSiteLevel[c.sameSite || "none"];
- if (cookieLevel > sameSiteLevel) {
-
- return false;
- }
- }
-
-
- if (expireCheck && c.expiryTime() <= now) {
- store.removeCookie(c.domain, c.path, c.key, () => {});
- return false;
- }
- return true;
- }
- store.findCookies(
- host,
- allPaths ? null : path,
- this.allowSpecialUseDomain,
- (err, cookies) => {
- if (err) {
- return cb(err);
- }
- cookies = cookies.filter(matchingCookie);
-
- if (options.sort !== false) {
- cookies = cookies.sort(cookieCompare);
- }
-
- const now = new Date();
- for (const cookie of cookies) {
- cookie.lastAccessed = now;
- }
-
- cb(null, cookies);
- }
- );
- }
- getCookieString(...args) {
- const cb = args.pop();
- const next = function(err, cookies) {
- if (err) {
- cb(err);
- } else {
- cb(
- null,
- cookies
- .sort(cookieCompare)
- .map(c => c.cookieString())
- .join("; ")
- );
- }
- };
- args.push(next);
- this.getCookies.apply(this, args);
- }
- getSetCookieStrings(...args) {
- const cb = args.pop();
- const next = function(err, cookies) {
- if (err) {
- cb(err);
- } else {
- cb(
- null,
- cookies.map(c => {
- return c.toString();
- })
- );
- }
- };
- args.push(next);
- this.getCookies.apply(this, args);
- }
- serialize(cb) {
- let type = this.store.constructor.name;
- if (type === "Object") {
- type = null;
- }
-
- const serialized = {
-
-
-
- version: `tough-cookie@${VERSION}`,
-
- storeType: type,
-
- rejectPublicSuffixes: !!this.rejectPublicSuffixes,
-
- cookies: []
- };
- if (
- !(
- this.store.getAllCookies &&
- typeof this.store.getAllCookies === "function"
- )
- ) {
- return cb(
- new Error(
- "store does not support getAllCookies and cannot be serialized"
- )
- );
- }
- this.store.getAllCookies((err, cookies) => {
- if (err) {
- return cb(err);
- }
- serialized.cookies = cookies.map(cookie => {
-
- cookie = cookie instanceof Cookie ? cookie.toJSON() : cookie;
-
- delete cookie.creationIndex;
- return cookie;
- });
- return cb(null, serialized);
- });
- }
- toJSON() {
- return this.serializeSync();
- }
-
- _importCookies(serialized, cb) {
- let cookies = serialized.cookies;
- if (!cookies || !Array.isArray(cookies)) {
- return cb(new Error("serialized jar has no cookies array"));
- }
- cookies = cookies.slice();
- const putNext = err => {
- if (err) {
- return cb(err);
- }
- if (!cookies.length) {
- return cb(err, this);
- }
- let cookie;
- try {
- cookie = fromJSON(cookies.shift());
- } catch (e) {
- return cb(e);
- }
- if (cookie === null) {
- return putNext(null);
- }
- this.store.putCookie(cookie, putNext);
- };
- putNext();
- }
- clone(newStore, cb) {
- if (arguments.length === 1) {
- cb = newStore;
- newStore = null;
- }
- this.serialize((err, serialized) => {
- if (err) {
- return cb(err);
- }
- CookieJar.deserialize(serialized, newStore, cb);
- });
- }
- cloneSync(newStore) {
- if (arguments.length === 0) {
- return this._cloneSync();
- }
- if (!newStore.synchronous) {
- throw new Error(
- "CookieJar clone destination store is not synchronous; use async API instead."
- );
- }
- return this._cloneSync(newStore);
- }
- removeAllCookies(cb) {
- const store = this.store;
-
-
-
- if (
- typeof store.removeAllCookies === "function" &&
- store.removeAllCookies !== Store.prototype.removeAllCookies
- ) {
- return store.removeAllCookies(cb);
- }
- store.getAllCookies((err, cookies) => {
- if (err) {
- return cb(err);
- }
- if (cookies.length === 0) {
- return cb(null);
- }
- let completedCount = 0;
- const removeErrors = [];
- function removeCookieCb(removeErr) {
- if (removeErr) {
- removeErrors.push(removeErr);
- }
- completedCount++;
- if (completedCount === cookies.length) {
- return cb(removeErrors.length ? removeErrors[0] : null);
- }
- }
- cookies.forEach(cookie => {
- store.removeCookie(
- cookie.domain,
- cookie.path,
- cookie.key,
- removeCookieCb
- );
- });
- });
- }
- static deserialize(strOrObj, store, cb) {
- if (arguments.length !== 3) {
-
- cb = store;
- store = null;
- }
- let serialized;
- if (typeof strOrObj === "string") {
- serialized = jsonParse(strOrObj);
- if (serialized instanceof Error) {
- return cb(serialized);
- }
- } else {
- serialized = strOrObj;
- }
- const jar = new CookieJar(store, serialized.rejectPublicSuffixes);
- jar._importCookies(serialized, err => {
- if (err) {
- return cb(err);
- }
- cb(null, jar);
- });
- }
- static deserializeSync(strOrObj, store) {
- const serialized =
- typeof strOrObj === "string" ? JSON.parse(strOrObj) : strOrObj;
- const jar = new CookieJar(store, serialized.rejectPublicSuffixes);
-
- if (!jar.store.synchronous) {
- throw new Error(
- "CookieJar store is not synchronous; use async API instead."
- );
- }
- jar._importCookiesSync(serialized);
- return jar;
- }
- }
- CookieJar.fromJSON = CookieJar.deserializeSync;
- [
- "_importCookies",
- "clone",
- "getCookies",
- "getCookieString",
- "getSetCookieStrings",
- "removeAllCookies",
- "serialize",
- "setCookie"
- ].forEach(name => {
- CookieJar.prototype[name] = fromCallback(CookieJar.prototype[name]);
- });
- CookieJar.deserialize = fromCallback(CookieJar.deserialize);
- function syncWrap(method) {
- return function(...args) {
- if (!this.store.synchronous) {
- throw new Error(
- "CookieJar store is not synchronous; use async API instead."
- );
- }
- let syncErr, syncResult;
- this[method](...args, (err, result) => {
- syncErr = err;
- syncResult = result;
- });
- if (syncErr) {
- throw syncErr;
- }
- return syncResult;
- };
- }
- exports.version = VERSION;
- exports.CookieJar = CookieJar;
- exports.Cookie = Cookie;
- exports.Store = Store;
- exports.MemoryCookieStore = MemoryCookieStore;
- exports.parseDate = parseDate;
- exports.formatDate = formatDate;
- exports.parse = parse;
- exports.fromJSON = fromJSON;
- exports.domainMatch = domainMatch;
- exports.defaultPath = defaultPath;
- exports.pathMatch = pathMatch;
- exports.getPublicSuffix = pubsuffix.getPublicSuffix;
- exports.cookieCompare = cookieCompare;
- exports.permuteDomain = require("./permuteDomain").permuteDomain;
- exports.permutePath = permutePath;
- exports.canonicalDomain = canonicalDomain;
- exports.PrefixSecurityEnum = PrefixSecurityEnum;
|