Skip to content

Commit 0dc9683

Browse files
dougwilsondougwilson
committed
closes #168 closes #177
1 parent f77fa09 commit 0dc9683

File tree

3 files changed

+15
-1
lines changed

3 files changed

+15
-1
lines changed

HISTORY.md

+12
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,15 @@
1+
unreleased
2+
==========
3+
4+
* deps: [email protected]
5+
- Add `partitioned` option for CHIPS support
6+
- Add `priority` option for Priority cookie support
7+
- Fix accidental cookie name/value truncation when given invalid chars
8+
- Fix `maxAge` option to reject invalid values
9+
- Remove quotes from returned quoted cookie value
10+
- Use `req.socket` over deprecated `req.connection`
11+
- pref: small lookup regexp optimization
12+
113
2.0.0 / 2021-12-16
214
==================
315

README.md

+2
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,8 @@ The options can also contain any of the following (for the full list, see
103103
- `expires`: a `Date` object indicating the cookie's expiration date (expires at the end of session by default).
104104
- `path`: a string indicating the path of the cookie (`/` by default).
105105
- `domain`: a string indicating the domain of the cookie (no default).
106+
- `partitioned`: a boolean indicating whether to partition the cookie in Chrome for the [CHIPS Update](https://developers.google.com/privacy-sandbox/3pcd/chips) (`false` by default). If this is true, Cookies from embedded sites will be partitioned and only readable from the same top level site from which it was created.
107+
- `priority`: a string indicating the cookie priority. This can be set to `'low'`, `'medium'`, or `'high'`.
106108
- `sameSite`: a boolean or string indicating whether the cookie is a "same site" cookie (`false` by default). This can be set to `'strict'`, `'lax'`, `'none'`, or `true` (which maps to `'strict'`).
107109
- `secure`: a boolean indicating whether the cookie is only to be sent over HTTPS (`false` by default for HTTP, `true` by default for HTTPS). If this is set to `true` and Node.js is not directly over a TLS connection, be sure to read how to [setup Express behind proxies](https://expressjs.com/en/guide/behind-proxies.html) or the cookie may not ever set correctly.
108110
- `httpOnly`: a boolean indicating whether the cookie is only to be sent over HTTP(S), and not made available to client JavaScript (`true` by default).

package.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
],
1616
"repository": "expressjs/cookie-session",
1717
"dependencies": {
18-
"cookies": "0.8.0",
18+
"cookies": "0.9.1",
1919
"debug": "3.2.7",
2020
"on-headers": "~1.0.2",
2121
"safe-buffer": "5.2.1"

0 commit comments

Comments
 (0)