From ee90121b32bfd5a0d30b7a30525f30564eafef0c Mon Sep 17 00:00:00 2001 From: Fabian Meyer <3982806+meyfa@users.noreply.github.com> Date: Fri, 24 Mar 2023 15:55:37 +0100 Subject: [PATCH] fix!: Use `Headers.prototype.getSetCookie` to avoid comma-splitting Since Node.js now has `getSetCookie` available, we can use it instead of splitting the header on comma, which was very error-prone. Ref: https://github.com/nodejs/undici/pull/1915 The linked PR was released as Undici v5.19.0, which is first available in Node.js 18.14.1. Since Node.js 18.14.2 has an even more up-tp-date version of Undici (5.20.0), I figured it'd be sensible to raise our requirement to that. BREAKING CHANGE: Engine version requirement raised to Node `>=18.14.2`. --- README.md | 4 +++- package-lock.json | 2 +- package.json | 2 +- src/cookies.ts | 8 ++------ 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 2f3ced3..b4d74b7 100644 --- a/README.md +++ b/README.md @@ -8,5 +8,7 @@ A stateful HTTP client for NodeJS. Test your routes even when mocking is infeasi ## Usage -This package requires Node version 18 or later because it makes use of native `fetch()`. +This package requires Node version 18.14.2 or later because it makes use of native `fetch()`, +as well as `Headers.prototype.getSetCookie`. + Additionally, it is packaged as an ES module only, so your tests have to be in ESM format, too. diff --git a/package-lock.json b/package-lock.json index 67c1643..df322ca 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,7 +20,7 @@ "undici": "5.21.0" }, "engines": { - "node": ">=18" + "node": ">=18.14.2" } }, "node_modules/@bcoe/v8-coverage": { diff --git a/package.json b/package.json index 326ede0..fa9cccd 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ "prepack": "npm run build" }, "engines": { - "node": ">=18" + "node": ">=18.14.2" }, "repository": { "type": "git", diff --git a/src/cookies.ts b/src/cookies.ts index 9b09e19..56f00e2 100644 --- a/src/cookies.ts +++ b/src/cookies.ts @@ -19,12 +19,9 @@ export function cookieMiddleware (store: CookieStore): Middleware { } function parseCookies (headers: Headers): Cookie[] { - // Node's Headers implementation returns all Set-Cookie headers joined by ', ' - // TODO: Since dates are represented like "Wed, 12-Jul-2023 19:59:03 GMT", this will split too often! - const cookieDefinitions = headers.get('set-cookie')?.trim().split(/\s*,\s*/) ?? [] - const cookies = [] - for (const cookieDefinition of cookieDefinitions) { + // Note: Headers.prototype.getSetCookie() is available since Node.js 18.14.1, but types aren't updated yet. + for (const cookieDefinition of (headers as any).getSetCookie()) { // TODO: Handle malformed strings, quoted values, escaping. // TODO: Parse expiration date and flags. const key = cookieDefinition.match(/^([^=\s]+)/)?.[1] @@ -33,6 +30,5 @@ function parseCookies (headers: Headers): Cookie[] { cookies.push({ key, value }) } } - return cookies }