From c2beb9ec98d70842b232b0a94f38564b7d4cc71a Mon Sep 17 00:00:00 2001 From: hgpark Date: Fri, 20 Sep 2024 16:10:00 +0900 Subject: [PATCH] fix: #707 --- src/compose.ts | 118 +++++++++++++++++------------------ test/lifecycle/error.test.ts | 22 +++++++ 2 files changed, 81 insertions(+), 59 deletions(-) diff --git a/src/compose.ts b/src/compose.ts index dab52833..af60aa6f 100644 --- a/src/compose.ts +++ b/src/compose.ts @@ -565,65 +565,6 @@ export const composeHandler = ({ ` } - if (hasCookie) { - const get = (name: keyof CookieOptions, defaultValue?: unknown) => { - // @ts-ignore - const value = cookieMeta?.[name] ?? defaultValue - if (!value) - return typeof defaultValue === 'string' - ? `${name}: "${defaultValue}",` - : `${name}: ${defaultValue},` - - if (typeof value === 'string') return `${name}: '${value}',` - if (value instanceof Date) - return `${name}: new Date(${value.getTime()}),` - - return `${name}: ${value},` - } - - const options = cookieMeta - ? `{ - secrets: ${ - cookieMeta.secrets !== undefined - ? typeof cookieMeta.secrets === 'string' - ? `'${cookieMeta.secrets}'` - : '[' + - cookieMeta.secrets.reduce( - (a, b) => a + `'${b}',`, - '' - ) + - ']' - : 'undefined' - }, - sign: ${ - cookieMeta.sign === true - ? true - : cookieMeta.sign !== undefined - ? '[' + - cookieMeta.sign.reduce( - (a, b) => a + `'${b}',`, - '' - ) + - ']' - : 'undefined' - }, - ${get('domain')} - ${get('expires')} - ${get('httpOnly')} - ${get('maxAge')} - ${get('path', '/')} - ${get('priority')} - ${get('sameSite')} - ${get('secure')} - }` - : 'undefined' - - if (hasHeaders) - fnLiteral += `\nc.cookie = await parseCookie(c.set, c.headers.cookie, ${options})\n` - else - fnLiteral += `\nc.cookie = await parseCookie(c.set, c.request.headers.get('cookie'), ${options})\n` - } - if (hasQuery) { const destructured = < { @@ -889,6 +830,65 @@ export const composeHandler = ({ const requestMapper = `, c.request` + if (hasCookie) { + const get = (name: keyof CookieOptions, defaultValue?: unknown) => { + // @ts-ignore + const value = cookieMeta?.[name] ?? defaultValue + if (!value) + return typeof defaultValue === 'string' + ? `${name}: "${defaultValue}",` + : `${name}: ${defaultValue},` + + if (typeof value === 'string') return `${name}: '${value}',` + if (value instanceof Date) + return `${name}: new Date(${value.getTime()}),` + + return `${name}: ${value},` + } + + const options = cookieMeta + ? `{ + secrets: ${ + cookieMeta.secrets !== undefined + ? typeof cookieMeta.secrets === 'string' + ? `'${cookieMeta.secrets}'` + : '[' + + cookieMeta.secrets.reduce( + (a, b) => a + `'${b}',`, + '' + ) + + ']' + : 'undefined' + }, + sign: ${ + cookieMeta.sign === true + ? true + : cookieMeta.sign !== undefined + ? '[' + + cookieMeta.sign.reduce( + (a, b) => a + `'${b}',`, + '' + ) + + ']' + : 'undefined' + }, + ${get('domain')} + ${get('expires')} + ${get('httpOnly')} + ${get('maxAge')} + ${get('path', '/')} + ${get('priority')} + ${get('sameSite')} + ${get('secure')} + }` + : 'undefined' + + if (hasHeaders) + fnLiteral += `\nc.cookie = await parseCookie(c.set, c.headers.cookie, ${options})\n` + else + fnLiteral += `\nc.cookie = await parseCookie(c.set, c.request.headers.get('cookie'), ${options})\n` + } + fnLiteral += `c.route = \`${path}\`\n` const parseReporter = report('parse', { diff --git a/test/lifecycle/error.test.ts b/test/lifecycle/error.test.ts index 80db91c7..629eab26 100644 --- a/test/lifecycle/error.test.ts +++ b/test/lifecycle/error.test.ts @@ -272,4 +272,26 @@ describe('error', () => { somePretty: 'json' }) }) + + it('handle cookie signature error', async () => { + const app = new Elysia({ + cookie: { secrets: 'secrets', sign: ['session'] } + }) + .onError(({ code, error }) => { + if (code === 'INVALID_COOKIE_SIGNATURE') + return 'Where is the signature?' + }) + .get('/', ({ cookie: { session } }) => '') + + const root = await app.handle( + new Request('http://localhost/', { + headers: { + Cookie: 'session=1234' + } + }) + ) + + expect(await root.text()).toBe('Where is the signature?') + expect(root.status).toBe(400) + }) })