From 74cf2b1a3213adfdd1a653fa76a937ddfde0818d Mon Sep 17 00:00:00 2001 From: Blake Embrey Date: Thu, 3 Oct 2024 11:04:14 -0700 Subject: [PATCH 1/2] Allow leading dot for domain --- index.js | 8 +++++++- test/serialize.js | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index 47aca9e..51a58cb 100644 --- a/index.js +++ b/index.js @@ -64,9 +64,15 @@ var cookieValueRegExp = /^("?)[\u0021\u0023-\u002B\u002D-\u003A\u003C-\u005B\u00 * = any one of the 52 alphabetic characters A through Z in * upper case and a through z in lower case * = any one of the ten digits 0 through 9 + * + * Keep support for leading dot: https://github.com/jshttp/cookie/issues/173 + * + * > (Note that a leading %x2E ("."), if present, is ignored even though that + * character is not permitted, but a trailing %x2E ("."), if present, will + * cause the user agent to ignore the attribute.) */ -var domainValueRegExp = /^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$/i; +var domainValueRegExp = /^([.]?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)([.][a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*$/i; /** * RegExp to match path-value in RFC 6265 sec 4.1.1 diff --git a/test/serialize.js b/test/serialize.js index be84595..056ea89 100644 --- a/test/serialize.js +++ b/test/serialize.js @@ -76,6 +76,7 @@ describe('cookie.serialize(name, value, options)', function () { var validDomains = [ 'example.com', 'sub.example.com', + '.example.com', 'my-site.org', 'localhost' ]; @@ -94,7 +95,6 @@ describe('cookie.serialize(name, value, options)', function () { 'sub.example.com\u0000', 'my site.org', 'domain..com', - '.example.com', 'example.com; Path=/', 'example.com /* inject a comment */' ]; From 36ff47449632334fdb87d60064cc18164b3c898d Mon Sep 17 00:00:00 2001 From: Blake Embrey Date: Thu, 3 Oct 2024 11:05:20 -0700 Subject: [PATCH 2/2] Add localhost to tests --- test/serialize.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/serialize.js b/test/serialize.js index 056ea89..1ee3235 100644 --- a/test/serialize.js +++ b/test/serialize.js @@ -77,6 +77,8 @@ describe('cookie.serialize(name, value, options)', function () { 'example.com', 'sub.example.com', '.example.com', + 'localhost', + '.localhost', 'my-site.org', 'localhost' ];