-
-
Notifications
You must be signed in to change notification settings - Fork 153
/
Copy pathrestify.js
89 lines (77 loc) · 2.8 KB
/
restify.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
if(Number(process.version.split('.')[0].slice(1)) >= 8){
process.EventEmitter = require('events')
}
var assert = require('assert')
, restify = require('restify')
, keys = require('keygrip')(['a', 'b'])
, http = require('http')
, Cookies = require('../')
, request = require('./support/supertest')
if(!process.env.HTTP2_TEST) describe('Restify', function () {
var header
var server
before(function setup(done) {
server = restify.createServer()
server.get('/set', function (req, res) {
setCookies(req, res)
res.json({ status : 'ok'})
})
server.get('/get', function (req, res) {
assertCookies(req, res)
res.send(200)
})
server.listen(done)
})
it('should set cookies', function (done) {
request(server)
.get('/set')
.expect(200, function (err, res) {
if (err) return done(err)
header = res.headers['set-cookie']
assertSetCookieHeader(header)
done()
})
})
it('should get cookies', function (done) {
request(server)
.get('/get')
.set('Cookie', header.join(';'))
.expect(200, done)
})
})
function setCookies(req, res) {
var cookies = new Cookies(req, res, keys)
cookies
.set('unsigned', 'foo', { signed:false, httpOnly: false })
.set('signed', 'bar', { signed: true })
.set('tampered', 'baz')
.set('tampered.sig', 'bogus')
.set('overwrite', 'old-value', { signed: true })
.set('overwrite', 'new-value', { overwrite: true, signed: true })
}
function assertCookies(req, res) {
var cookies = new Cookies(req, res, keys)
var unsigned = cookies.get('unsigned'),
signed = cookies.get('signed', { signed: true }),
tampered = cookies.get('tampered', { signed: true }),
overwrite = cookies.get('overwrite', { signed: true })
assert.equal(unsigned, 'foo')
assert.equal(cookies.get('unsigned.sig', { signed:false }), undefined)
assert.equal(signed, 'bar')
assert.equal(cookies.get('signed.sig', { signed: false }), keys.sign('signed=bar'))
assert.notEqual(tampered, 'baz')
assert.equal(tampered, undefined)
assert.equal(overwrite, 'new-value')
assert.equal(cookies.get('overwrite.sig', { signed:false }), keys.sign('overwrite=new-value'))
assert.equal(res.getHeader('Set-Cookie'), 'tampered.sig=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; httponly')
}
function assertSetCookieHeader(header) {
assert.equal(header.length, 7)
assert.equal(header[0], 'unsigned=foo; path=/')
assert.equal(header[1], 'signed=bar; path=/; httponly')
assert.ok(/^signed\.sig=.{27}; path=\/; httponly$/.test(header[2]))
assert.equal(header[3], 'tampered=baz; path=/; httponly')
assert.equal(header[4], 'tampered.sig=bogus; path=/; httponly')
assert.equal(header[5], 'overwrite=new-value; path=/; httponly')
assert.ok(/^overwrite\.sig=.{27}; path=\/; httponly$/.test(header[6]))
}