Revert "Make the cookie library set the SameSite cookie value to strict by default"

2024-11-27 09:35:56 -05:00 · 2020-08-03 14:45:34 -04:00 · 2020-08-03 14:45:34 -04:00 · 62629413a7
commit 62629413a7
parent 5cdc191b82
2 changed files with 1 additions and 55 deletions
--- a/src/lib/jar.js
+++ b/src/lib/jar.js
@ -78,8 +78,7 @@ const Jar = {
    set: (name, value, opts) => {
        opts = opts || {};
        defaults(opts, {
-            expires: new Date(new Date().setYear(new Date().getFullYear() + 1)),
-            sameSite: 'Strict' // cookie library requires this capitialization of sameSite
+            expires: new Date(new Date().setYear(new Date().getFullYear() + 1))
        });
        opts.path = '/';
        const obj = cookie.serialize(name, value, opts);
--- a/test/unit/lib/jar.test.js
+++ b/test/unit/lib/jar.test.js
@ -1,53 +0,0 @@
-const jar = require('../../../src/lib/jar');
-const cookie = require('cookie');
-
-jest.mock('cookie', () => ({serialize: jest.fn()}));
-describe('unit test lib/jar.js', () => {
-
-    test('simple set test with no opts', () => {
-        jar.set('name', 'value');
-        expect(cookie.serialize).toHaveBeenCalled();
-        expect(cookie.serialize).toHaveBeenCalledWith('name', 'value',
-            expect.objectContaining({
-                path: '/',
-                sameSite: 'Strict',
-                expires: expect.anything() // not specifically matching the date because it is hard to mock
-            }));
-    });
-    test('test with opts', () => {
-        jar.set('a', 'b', {option: 'one'});
-        expect(cookie.serialize).toHaveBeenCalled();
-        expect(cookie.serialize).toHaveBeenCalledWith('a', 'b',
-            expect.objectContaining({
-                option: 'one',
-                path: '/',
-                sameSite: 'Strict',
-                expires: expect.anything() // not specifically matching the date because it is hard to mock
-            }));
-    });
-    test('expires opts overrides default', () => {
-        jar.set('a', 'b', {
-            option: 'one',
-            expires: 'someday'
-        });
-        expect(cookie.serialize).toHaveBeenCalled();
-        expect(cookie.serialize).toHaveBeenCalledWith('a', 'b',
-            expect.objectContaining({
-                option: 'one',
-                path: '/',
-                expires: 'someday'
-            }));
-    });
-    test('sameSite opts overrides default', () => {
-        jar.set('a', 'b', {
-            option: 'one',
-            sameSite: 'override'
-        });
-        expect(cookie.serialize).toHaveBeenCalled();
-        expect(cookie.serialize).toHaveBeenCalledWith('a', 'b',
-            expect.objectContaining({
-                option: 'one',
-                sameSite: 'override'
-            }));
-    });
-});