From b4d48e3ae6cbf784d868ad8ea035a6e0646cad2b Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sat, 9 Sep 2023 11:10:01 -0400 Subject: [PATCH 1/7] Bugfix Fixed an issue where if no cookies are found, the function would return the `next` function value instead of calling the `next` function --- index.js | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index dd6d479..fe11a3f 100644 --- a/index.js +++ b/index.js @@ -43,7 +43,8 @@ function cookieParser (secret, options) { return function cookieParser (req, res, next) { if (req.cookies) { - return next() + next(); + return; } var cookies = req.headers.cookie @@ -54,7 +55,8 @@ function cookieParser (secret, options) { // no cookies if (!cookies) { - return next() + next() + return; } req.cookies = cookie.parse(cookies, options) From 54242c38bff7617296cb47fdb6373e42e7356bb7 Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sat, 9 Sep 2023 11:11:33 -0400 Subject: [PATCH 2/7] Bugfix Add a ! sign to the first check so that it only exits the function if the cookies don't exist, since undefined/null is a falsely value --- index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.js b/index.js index fe11a3f..60acbca 100644 --- a/index.js +++ b/index.js @@ -42,7 +42,7 @@ function cookieParser (secret, options) { : [secret] return function cookieParser (req, res, next) { - if (req.cookies) { + if (!req.cookies) { next(); return; } From 53e71f13e48df9ce5e449d2ee39412f7a049c279 Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sat, 9 Sep 2023 11:33:16 -0400 Subject: [PATCH 3/7] Fix an issue I made and fix a bug remove the ! I added from the last commit, and default req.cookies to an empty JSON value when there are no cookies --- index.js | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/index.js b/index.js index 60acbca..509d3e8 100644 --- a/index.js +++ b/index.js @@ -42,11 +42,12 @@ function cookieParser (secret, options) { : [secret] return function cookieParser (req, res, next) { - if (!req.cookies) { + if (req.cookies) { + //so i am assuming this is if req.cookies has been set by another middleware next(); return; } - + var cookies = req.headers.cookie req.secret = secrets[0] @@ -55,7 +56,8 @@ function cookieParser (secret, options) { // no cookies if (!cookies) { - next() + req.cookies = {} + next(); return; } From e8869618a661a38ebe89447dd4b5a07a891ec9e8 Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sat, 9 Sep 2023 15:26:42 -0400 Subject: [PATCH 4/7] remove unnecessary comment --- index.js | 1 - 1 file changed, 1 deletion(-) diff --git a/index.js b/index.js index 509d3e8..9b18468 100644 --- a/index.js +++ b/index.js @@ -43,7 +43,6 @@ function cookieParser (secret, options) { return function cookieParser (req, res, next) { if (req.cookies) { - //so i am assuming this is if req.cookies has been set by another middleware next(); return; } From b04b2fc630da510a335c0f4f26492574e4d18bcc Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sat, 9 Sep 2023 15:44:48 -0400 Subject: [PATCH 5/7] add logging to see what is going wrong --- index.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/index.js b/index.js index 9b18468..65d1e31 100644 --- a/index.js +++ b/index.js @@ -42,16 +42,19 @@ function cookieParser (secret, options) { : [secret] return function cookieParser (req, res, next) { + console.log(1) if (req.cookies) { next(); return; } + console.log(2) var cookies = req.headers.cookie req.secret = secrets[0] req.cookies = Object.create(null) req.signedCookies = Object.create(null) + console.log(3) // no cookies if (!cookies) { @@ -59,6 +62,7 @@ function cookieParser (secret, options) { next(); return; } + console.log(4) req.cookies = cookie.parse(cookies, options) @@ -67,6 +71,7 @@ function cookieParser (secret, options) { req.signedCookies = signedCookies(req.cookies, secrets) req.signedCookies = JSONCookies(req.signedCookies) } + console.log(5) // parse JSON cookies req.cookies = JSONCookies(req.cookies) From 72761947ce63ace8628328986139d1b6f9b7e6ee Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sat, 9 Sep 2023 15:54:15 -0400 Subject: [PATCH 6/7] fix a few detected errors using [ValidateJavascript](https://validatejavascript.com/) --- index.js | 160 +++++++++++++++++++++++++++---------------------------- 1 file changed, 79 insertions(+), 81 deletions(-) diff --git a/index.js b/index.js index 65d1e31..6f367e0 100644 --- a/index.js +++ b/index.js @@ -5,27 +5,19 @@ * MIT Licensed */ -'use strict' - /** * Module dependencies. * @private */ -var cookie = require('cookie') -var signature = require('cookie-signature') +const cookie = require('cookie'); +const signature = require('cookie-signature'); /** * Module exports. * @public */ -module.exports = cookieParser -module.exports.JSONCookie = JSONCookie -module.exports.JSONCookies = JSONCookies -module.exports.signedCookie = signedCookie -module.exports.signedCookies = signedCookies - /** * Parse Cookie header and populate `req.cookies` * with an object keyed by the cookie names. @@ -36,48 +28,48 @@ module.exports.signedCookies = signedCookies * @public */ -function cookieParser (secret, options) { - var secrets = !secret || Array.isArray(secret) +function cookieParser(secret, options) { + const secrets = !secret || Array.isArray(secret) ? (secret || []) - : [secret] + : [secret]; - return function cookieParser (req, res, next) { - console.log(1) - if (req.cookies) { - next(); - return; - } - console.log(2) - - var cookies = req.headers.cookie - - req.secret = secrets[0] - req.cookies = Object.create(null) - req.signedCookies = Object.create(null) - console.log(3) - - // no cookies - if (!cookies) { - req.cookies = {} - next(); - return; - } - console.log(4) + return function cookieParser(req, res, next) { + try { + if (req.cookies) { + next(); + return; + } - req.cookies = cookie.parse(cookies, options) + const cookies = req.headers.cookie; - // parse signed cookies - if (secrets.length !== 0) { - req.signedCookies = signedCookies(req.cookies, secrets) - req.signedCookies = JSONCookies(req.signedCookies) - } - console.log(5) + req.secret = secrets[0]; + req.cookies = Object.create(null); + req.signedCookies = Object.create(null); + console.log(3); - // parse JSON cookies - req.cookies = JSONCookies(req.cookies) + // no cookies + if (!cookies) { + req.cookies = {}; + next(); + return; + } - next() - } + req.cookies = cookie.parse(cookies, options); + + // parse signed cookies + if (secrets.length !== 0) { + req.signedCookies = signedCookies(req.cookies, secrets); + req.signedCookies = JSONCookies(req.signedCookies); + } + + // parse JSON cookies + req.cookies = JSONCookies(req.cookies); + + next(); + } catch (err) { + console.log(err); + } + }; } /** @@ -88,15 +80,15 @@ function cookieParser (secret, options) { * @public */ -function JSONCookie (str) { +function JSONCookie(str) { if (typeof str !== 'string' || str.substr(0, 2) !== 'j:') { - return undefined + return undefined; } try { - return JSON.parse(str.slice(2)) + return JSON.parse(str.slice(2)); } catch (err) { - return undefined + return undefined; } } @@ -108,21 +100,21 @@ function JSONCookie (str) { * @public */ -function JSONCookies (obj) { - var cookies = Object.keys(obj) - var key - var val +function JSONCookies(obj) { + const cookies = Object.keys(obj); + let key; + let val; - for (var i = 0; i < cookies.length; i++) { - key = cookies[i] - val = JSONCookie(obj[key]) + for (let i = 0; i < cookies.length; i++) { + key = cookies[i]; + val = JSONCookie(obj[key]); if (val) { - obj[key] = val + obj[key] = val; } } - return obj + return obj; } /** @@ -134,28 +126,28 @@ function JSONCookies (obj) { * @public */ -function signedCookie (str, secret) { +function signedCookie(str, secret) { if (typeof str !== 'string') { - return undefined + return undefined; } if (str.substr(0, 2) !== 's:') { - return str + return str; } - var secrets = !secret || Array.isArray(secret) + const secrets = !secret || Array.isArray(secret) ? (secret || []) - : [secret] + : [secret]; - for (var i = 0; i < secrets.length; i++) { - var val = signature.unsign(str.slice(2), secrets[i]) + for (let i = 0; i < secrets.length; i++) { + const val = signature.unsign(str.slice(2), secrets[i]); if (val !== false) { - return val + return val; } } - return false + return false; } /** @@ -168,23 +160,29 @@ function signedCookie (str, secret) { * @public */ -function signedCookies (obj, secret) { - var cookies = Object.keys(obj) - var dec - var key - var ret = Object.create(null) - var val +function signedCookies(obj, secret) { + const cookies = Object.keys(obj); + let dec; + let key; + const ret = Object.create(null); + let val; - for (var i = 0; i < cookies.length; i++) { - key = cookies[i] - val = obj[key] - dec = signedCookie(val, secret) + for (let i = 0; i < cookies.length; i++) { + key = cookies[i]; + val = obj[key]; + dec = signedCookie(val, secret); if (val !== dec) { - ret[key] = dec - delete obj[key] + ret[key] = dec; + delete obj[key]; } } - return ret + return ret; } + +module.exports = cookieParser; +module.exports.JSONCookie = JSONCookie; +module.exports.JSONCookies = JSONCookies; +module.exports.signedCookie = signedCookie; +module.exports.signedCookies = signedCookies; From b5a7ff6a3608e4d9e9a63a8c6151f47748d09052 Mon Sep 17 00:00:00 2001 From: Alexander Mayer Date: Sun, 10 Sep 2023 08:42:39 -0400 Subject: [PATCH 7/7] remove random '3' logging was for testing, but is no longer needed --- index.js | 1 - 1 file changed, 1 deletion(-) diff --git a/index.js b/index.js index 6f367e0..ab64f11 100644 --- a/index.js +++ b/index.js @@ -45,7 +45,6 @@ function cookieParser(secret, options) { req.secret = secrets[0]; req.cookies = Object.create(null); req.signedCookies = Object.create(null); - console.log(3); // no cookies if (!cookies) {