Welcome back, ' + escapeHtml(name) + '!
'); - } else { - res.write('Hello, new visitor!
'); - } - - res.write(''); -} - -http.createServer(onRequest).listen(3000); -``` - -## Testing - -```sh -$ npm test -``` - -## Benchmark - -``` -$ npm run bench - -> cookie@0.4.2 bench -> node benchmark/index.js - - node@16.14.0 - v8@9.4.146.24-node.20 - uv@1.43.0 - zlib@1.2.11 - brotli@1.0.9 - ares@1.18.1 - modules@93 - nghttp2@1.45.1 - napi@8 - llhttp@6.0.4 - openssl@1.1.1m+quic - cldr@40.0 - icu@70.1 - tz@2021a3 - unicode@14.0 - ngtcp2@0.1.0-DEV - nghttp3@0.1.0-DEV - -> node benchmark/parse-top.js - - cookie.parse - top sites - - 15 tests completed. - - parse accounts.google.com x 2,421,245 ops/sec ±0.80% (188 runs sampled) - parse apple.com x 2,684,710 ops/sec ±0.59% (189 runs sampled) - parse cloudflare.com x 2,231,418 ops/sec ±0.76% (186 runs sampled) - parse docs.google.com x 2,316,357 ops/sec ±1.28% (187 runs sampled) - parse drive.google.com x 2,363,543 ops/sec ±0.49% (189 runs sampled) - parse en.wikipedia.org x 839,414 ops/sec ±0.53% (189 runs sampled) - parse linkedin.com x 553,797 ops/sec ±0.63% (190 runs sampled) - parse maps.google.com x 1,314,779 ops/sec ±0.72% (189 runs sampled) - parse microsoft.com x 153,783 ops/sec ±0.53% (190 runs sampled) - parse play.google.com x 2,249,574 ops/sec ±0.59% (187 runs sampled) - parse plus.google.com x 2,258,682 ops/sec ±0.60% (188 runs sampled) - parse sites.google.com x 2,247,069 ops/sec ±0.68% (189 runs sampled) - parse support.google.com x 1,456,840 ops/sec ±0.70% (187 runs sampled) - parse www.google.com x 1,046,028 ops/sec ±0.58% (188 runs sampled) - parse youtu.be x 937,428 ops/sec ±1.47% (190 runs sampled) - parse youtube.com x 963,878 ops/sec ±0.59% (190 runs sampled) - -> node benchmark/parse.js - - cookie.parse - generic - - 6 tests completed. - - simple x 2,745,604 ops/sec ±0.77% (185 runs sampled) - decode x 557,287 ops/sec ±0.60% (188 runs sampled) - unquote x 2,498,475 ops/sec ±0.55% (189 runs sampled) - duplicates x 868,591 ops/sec ±0.89% (187 runs sampled) - 10 cookies x 306,745 ops/sec ±0.49% (190 runs sampled) - 100 cookies x 22,414 ops/sec ±2.38% (182 runs sampled) -``` - -## References - -- [RFC 6265: HTTP State Management Mechanism][rfc-6265] -- [Same-site Cookies][rfc-6265bis-09-5.4.7] - -[rfc-west-cookie-priority-00-4.1]: https://tools.ietf.org/html/draft-west-cookie-priority-00#section-4.1 -[rfc-6265bis-09-5.4.7]: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-09#section-5.4.7 -[rfc-6265]: https://tools.ietf.org/html/rfc6265 -[rfc-6265-5.1.4]: https://tools.ietf.org/html/rfc6265#section-5.1.4 -[rfc-6265-5.2.1]: https://tools.ietf.org/html/rfc6265#section-5.2.1 -[rfc-6265-5.2.2]: https://tools.ietf.org/html/rfc6265#section-5.2.2 -[rfc-6265-5.2.3]: https://tools.ietf.org/html/rfc6265#section-5.2.3 -[rfc-6265-5.2.4]: https://tools.ietf.org/html/rfc6265#section-5.2.4 -[rfc-6265-5.2.5]: https://tools.ietf.org/html/rfc6265#section-5.2.5 -[rfc-6265-5.2.6]: https://tools.ietf.org/html/rfc6265#section-5.2.6 -[rfc-6265-5.3]: https://tools.ietf.org/html/rfc6265#section-5.3 - -## License - -[MIT](LICENSE) - -[coveralls-image]: https://badgen.net/coveralls/c/github/jshttp/cookie/master -[coveralls-url]: https://coveralls.io/r/jshttp/cookie?branch=master -[github-actions-ci-image]: https://img.shields.io/github/workflow/status/jshttp/cookie/ci/master?label=ci -[github-actions-ci-url]: https://github.com/jshttp/cookie/actions/workflows/ci.yml -[node-version-image]: https://badgen.net/npm/node/cookie -[node-version-url]: https://nodejs.org/en/download -[npm-downloads-image]: https://badgen.net/npm/dm/cookie -[npm-url]: https://npmjs.org/package/cookie -[npm-version-image]: https://badgen.net/npm/v/cookie diff --git a/cookie/SECURITY.md b/cookie/SECURITY.md deleted file mode 100644 index fd4a6c5..0000000 --- a/cookie/SECURITY.md +++ /dev/null @@ -1,25 +0,0 @@ -# Security Policies and Procedures - -## Reporting a Bug - -The `cookie` team and community take all security bugs seriously. Thank -you for improving the security of the project. We appreciate your efforts and -responsible disclosure and will make every effort to acknowledge your -contributions. - -Report security bugs by emailing the current owner(s) of `cookie`. This -information can be found in the npm registry using the command -`npm owner ls cookie`. -If unsure or unable to get the information from the above, open an issue -in the [project issue tracker](https://github.com/jshttp/cookie/issues) -asking for the current contact information. - -To ensure the timely response to your report, please ensure that the entirety -of the report is contained within the email body and not solely behind a web -link or an attachment. - -At least one owner will acknowledge your email within 48 hours, and will send a -more detailed response within 48 hours indicating the next steps in handling -your report. After the initial reply to your report, the owners will -endeavor to keep you informed of the progress towards a fix and full -announcement, and may ask for additional information or guidance. diff --git a/cookie/index.js b/cookie/index.js deleted file mode 100644 index 9c3d07d..0000000 --- a/cookie/index.js +++ /dev/null @@ -1,270 +0,0 @@ -/*! - * cookie - * Copyright(c) 2012-2014 Roman Shtylman - * Copyright(c) 2015 Douglas Christopher Wilson - * MIT Licensed - */ - -'use strict'; - -/** - * Module exports. - * @public - */ - -exports.parse = parse; -exports.serialize = serialize; - -/** - * Module variables. - * @private - */ - -var __toString = Object.prototype.toString - -/** - * RegExp to match field-content in RFC 7230 sec 3.2 - * - * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] - * field-vchar = VCHAR / obs-text - * obs-text = %x80-FF - */ - -var fieldContentRegExp = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/; - -/** - * Parse a cookie header. - * - * Parse the given cookie header string into an object - * The object has the various cookies as keys(names) => values - * - * @param {string} str - * @param {object} [options] - * @return {object} - * @public - */ - -function parse(str, options) { - if (typeof str !== 'string') { - throw new TypeError('argument str must be a string'); - } - - var obj = {} - var opt = options || {}; - var dec = opt.decode || decode; - - var index = 0 - while (index < str.length) { - var eqIdx = str.indexOf('=', index) - - // no more cookie pairs - if (eqIdx === -1) { - break - } - - var endIdx = str.indexOf(';', index) - - if (endIdx === -1) { - endIdx = str.length - } else if (endIdx < eqIdx) { - // backtrack on prior semicolon - index = str.lastIndexOf(';', eqIdx - 1) + 1 - continue - } - - var key = str.slice(index, eqIdx).trim() - - // only assign once - if (undefined === obj[key]) { - var val = str.slice(eqIdx + 1, endIdx).trim() - - // quoted values - if (val.charCodeAt(0) === 0x22) { - val = val.slice(1, -1) - } - - obj[key] = tryDecode(val, dec); - } - - index = endIdx + 1 - } - - return obj; -} - -/** - * Serialize data into a cookie header. - * - * Serialize the a name value pair into a cookie string suitable for - * http headers. An optional options object specified cookie parameters. - * - * serialize('foo', 'bar', { httpOnly: true }) - * => "foo=bar; httpOnly" - * - * @param {string} name - * @param {string} val - * @param {object} [options] - * @return {string} - * @public - */ - -function serialize(name, val, options) { - var opt = options || {}; - var enc = opt.encode || encode; - - if (typeof enc !== 'function') { - throw new TypeError('option encode is invalid'); - } - - if (!fieldContentRegExp.test(name)) { - throw new TypeError('argument name is invalid'); - } - - var value = enc(val); - - if (value && !fieldContentRegExp.test(value)) { - throw new TypeError('argument val is invalid'); - } - - var str = name + '=' + value; - - if (null != opt.maxAge) { - var maxAge = opt.maxAge - 0; - - if (isNaN(maxAge) || !isFinite(maxAge)) { - throw new TypeError('option maxAge is invalid') - } - - str += '; Max-Age=' + Math.floor(maxAge); - } - - if (opt.domain) { - if (!fieldContentRegExp.test(opt.domain)) { - throw new TypeError('option domain is invalid'); - } - - str += '; Domain=' + opt.domain; - } - - if (opt.path) { - if (!fieldContentRegExp.test(opt.path)) { - throw new TypeError('option path is invalid'); - } - - str += '; Path=' + opt.path; - } - - if (opt.expires) { - var expires = opt.expires - - if (!isDate(expires) || isNaN(expires.valueOf())) { - throw new TypeError('option expires is invalid'); - } - - str += '; Expires=' + expires.toUTCString() - } - - if (opt.httpOnly) { - str += '; HttpOnly'; - } - - if (opt.secure) { - str += '; Secure'; - } - - if (opt.priority) { - var priority = typeof opt.priority === 'string' - ? opt.priority.toLowerCase() - : opt.priority - - switch (priority) { - case 'low': - str += '; Priority=Low' - break - case 'medium': - str += '; Priority=Medium' - break - case 'high': - str += '; Priority=High' - break - default: - throw new TypeError('option priority is invalid') - } - } - - if (opt.sameSite) { - var sameSite = typeof opt.sameSite === 'string' - ? opt.sameSite.toLowerCase() : opt.sameSite; - - switch (sameSite) { - case true: - str += '; SameSite=Strict'; - break; - case 'lax': - str += '; SameSite=Lax'; - break; - case 'strict': - str += '; SameSite=Strict'; - break; - case 'none': - str += '; SameSite=None'; - break; - default: - throw new TypeError('option sameSite is invalid'); - } - } - - return str; -} - -/** - * URL-decode string value. Optimized to skip native call when no %. - * - * @param {string} str - * @returns {string} - */ - -function decode (str) { - return str.indexOf('%') !== -1 - ? decodeURIComponent(str) - : str -} - -/** - * URL-encode value. - * - * @param {string} str - * @returns {string} - */ - -function encode (val) { - return encodeURIComponent(val) -} - -/** - * Determine if value is a Date. - * - * @param {*} val - * @private - */ - -function isDate (val) { - return __toString.call(val) === '[object Date]' || - val instanceof Date -} - -/** - * Try decoding a string using a decoding function. - * - * @param {string} str - * @param {function} decode - * @private - */ - -function tryDecode(str, decode) { - try { - return decode(str); - } catch (e) { - return str; - } -} diff --git a/cookie/package.json b/cookie/package.json deleted file mode 100644 index ed5606a..0000000 --- a/cookie/package.json +++ /dev/null @@ -1,44 +0,0 @@ -{ - "name": "cookie", - "description": "HTTP server cookie parsing and serialization", - "version": "0.5.0", - "author": "Roman Shtylman
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Sponsors
-
-Become a sponsor and get your logo on our README on Github with a link to your site. [[Become a sponsor](https://opencollective.com/debug#sponsor)]
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## License
-
-(The MIT License)
-
-Copyright (c) 2014-2016 TJ Holowaychuk <tj@vision-media.ca>
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-'Software'), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
-CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
-TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/debug/component.json b/debug/component.json
deleted file mode 100644
index 9de2641..0000000
--- a/debug/component.json
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- "name": "debug",
- "repo": "visionmedia/debug",
- "description": "small debugging utility",
- "version": "2.6.9",
- "keywords": [
- "debug",
- "log",
- "debugger"
- ],
- "main": "src/browser.js",
- "scripts": [
- "src/browser.js",
- "src/debug.js"
- ],
- "dependencies": {
- "rauchg/ms.js": "0.7.1"
- }
-}
diff --git a/debug/karma.conf.js b/debug/karma.conf.js
deleted file mode 100644
index 103a82d..0000000
--- a/debug/karma.conf.js
+++ /dev/null
@@ -1,70 +0,0 @@
-// Karma configuration
-// Generated on Fri Dec 16 2016 13:09:51 GMT+0000 (UTC)
-
-module.exports = function(config) {
- config.set({
-
- // base path that will be used to resolve all patterns (eg. files, exclude)
- basePath: '',
-
-
- // frameworks to use
- // available frameworks: https://npmjs.org/browse/keyword/karma-adapter
- frameworks: ['mocha', 'chai', 'sinon'],
-
-
- // list of files / patterns to load in the browser
- files: [
- 'dist/debug.js',
- 'test/*spec.js'
- ],
-
-
- // list of files to exclude
- exclude: [
- 'src/node.js'
- ],
-
-
- // preprocess matching files before serving them to the browser
- // available preprocessors: https://npmjs.org/browse/keyword/karma-preprocessor
- preprocessors: {
- },
-
- // test results reporter to use
- // possible values: 'dots', 'progress'
- // available reporters: https://npmjs.org/browse/keyword/karma-reporter
- reporters: ['progress'],
-
-
- // web server port
- port: 9876,
-
-
- // enable / disable colors in the output (reporters and logs)
- colors: true,
-
-
- // level of logging
- // possible values: config.LOG_DISABLE || config.LOG_ERROR || config.LOG_WARN || config.LOG_INFO || config.LOG_DEBUG
- logLevel: config.LOG_INFO,
-
-
- // enable / disable watching file and executing tests whenever any file changes
- autoWatch: true,
-
-
- // start these browsers
- // available browser launchers: https://npmjs.org/browse/keyword/karma-launcher
- browsers: ['PhantomJS'],
-
-
- // Continuous Integration mode
- // if true, Karma captures browsers, runs the tests and exits
- singleRun: false,
-
- // Concurrency level
- // how many browser should be started simultaneous
- concurrency: Infinity
- })
-}
diff --git a/debug/node.js b/debug/node.js
deleted file mode 100644
index 7fc36fe..0000000
--- a/debug/node.js
+++ /dev/null
@@ -1 +0,0 @@
-module.exports = require('./src/node');
diff --git a/debug/package.json b/debug/package.json
deleted file mode 100644
index dc787ba..0000000
--- a/debug/package.json
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- "name": "debug",
- "version": "2.6.9",
- "repository": {
- "type": "git",
- "url": "git://github.com/visionmedia/debug.git"
- },
- "description": "small debugging utility",
- "keywords": [
- "debug",
- "log",
- "debugger"
- ],
- "author": "TJ Holowaychuk Location ' + escapeHtml(url) + ' not found
' - - // send a 404 - res.statusCode = 404 - res.setHeader('Content-Type', 'text/html; charset=UTF-8') - res.setHeader('Content-Length', String(Buffer.byteLength(body, 'utf-8'))) - res.end(body, 'utf-8') -}) -``` - -### Encode a URL for use in a header field - -```js -var encodeUrl = require('encodeurl') -var escapeHtml = require('escape-html') -var url = require('url') - -http.createServer(function onRequest (req, res) { - // parse inbound url - var href = url.parse(req) - - // set new host for redirect - href.host = 'localhost' - href.protocol = 'https:' - href.slashes = true - - // create location header - var location = encodeUrl(url.format(href)) - - // create html message - var body = 'Redirecting to new site: ' + escapeHtml(location) + '
' - - // send a 301 - res.statusCode = 301 - res.setHeader('Content-Type', 'text/html; charset=UTF-8') - res.setHeader('Content-Length', String(Buffer.byteLength(body, 'utf-8'))) - res.setHeader('Location', location) - res.end(body, 'utf-8') -}) -``` - -## Testing - -```sh -$ npm test -$ npm run lint -``` - -## References - -- [RFC 3986: Uniform Resource Identifier (URI): Generic Syntax][rfc-3986] -- [WHATWG URL Living Standard][whatwg-url] - -[rfc-3986]: https://tools.ietf.org/html/rfc3986 -[whatwg-url]: https://url.spec.whatwg.org/ - -## License - -[MIT](LICENSE) - -[npm-image]: https://img.shields.io/npm/v/encodeurl.svg -[npm-url]: https://npmjs.org/package/encodeurl -[node-version-image]: https://img.shields.io/node/v/encodeurl.svg -[node-version-url]: https://nodejs.org/en/download -[travis-image]: https://img.shields.io/travis/pillarjs/encodeurl.svg -[travis-url]: https://travis-ci.org/pillarjs/encodeurl -[coveralls-image]: https://img.shields.io/coveralls/pillarjs/encodeurl.svg -[coveralls-url]: https://coveralls.io/r/pillarjs/encodeurl?branch=master -[downloads-image]: https://img.shields.io/npm/dm/encodeurl.svg -[downloads-url]: https://npmjs.org/package/encodeurl diff --git a/encodeurl/index.js b/encodeurl/index.js deleted file mode 100644 index fc4906c..0000000 --- a/encodeurl/index.js +++ /dev/null @@ -1,60 +0,0 @@ -/*! - * encodeurl - * Copyright(c) 2016 Douglas Christopher Wilson - * MIT Licensed - */ - -'use strict' - -/** - * Module exports. - * @public - */ - -module.exports = encodeUrl - -/** - * RegExp to match non-URL code points, *after* encoding (i.e. not including "%") - * and including invalid escape sequences. - * @private - */ - -var ENCODE_CHARS_REGEXP = /(?:[^\x21\x25\x26-\x3B\x3D\x3F-\x5B\x5D\x5F\x61-\x7A\x7E]|%(?:[^0-9A-Fa-f]|[0-9A-Fa-f][^0-9A-Fa-f]|$))+/g - -/** - * RegExp to match unmatched surrogate pair. - * @private - */ - -var UNMATCHED_SURROGATE_PAIR_REGEXP = /(^|[^\uD800-\uDBFF])[\uDC00-\uDFFF]|[\uD800-\uDBFF]([^\uDC00-\uDFFF]|$)/g - -/** - * String to replace unmatched surrogate pair with. - * @private - */ - -var UNMATCHED_SURROGATE_PAIR_REPLACE = '$1\uFFFD$2' - -/** - * Encode a URL to a percent-encoded form, excluding already-encoded sequences. - * - * This function will take an already-encoded URL and encode all the non-URL - * code points. This function will not encode the "%" character unless it is - * not part of a valid sequence (`%20` will be left as-is, but `%foo` will - * be encoded as `%25foo`). - * - * This encode is meant to be "safe" and does not throw errors. It will try as - * hard as it can to properly encode the given URL, including replacing any raw, - * unpaired surrogate pairs with the Unicode replacement character prior to - * encoding. - * - * @param {string} url - * @return {string} - * @public - */ - -function encodeUrl (url) { - return String(url) - .replace(UNMATCHED_SURROGATE_PAIR_REGEXP, UNMATCHED_SURROGATE_PAIR_REPLACE) - .replace(ENCODE_CHARS_REGEXP, encodeURI) -} diff --git a/encodeurl/package.json b/encodeurl/package.json deleted file mode 100644 index b9f25ef..0000000 --- a/encodeurl/package.json +++ /dev/null @@ -1,40 +0,0 @@ -{ - "name": "encodeurl", - "description": "Encode a URL to a percent-encoded form, excluding already-encoded sequences", - "version": "1.0.2", - "contributors": [ - "Douglas Christopher Wilson