shelf_secure_cookie 1.3.0 shelf_secure_cookie: ^1.3.0 copied to clipboard
Cookie parser middleware for the Shelf ecosystem. Reads cookies in request, sets cookies in response. Supports AES-GCM for encryption if needed.
Changelog #
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
[1.3.0] - 2022-01-17 #
Changed #
- Allowed to use a key with different than 32-bytes length, what is more user-friendly, but somewhat less secure. The key is padded with zeroes and trimmed to 32 bytes automatically. Backward compatible.
[1.2.0] - 2021-04-27 #
Changed #
- Changed original middleware, now you don't have to set response 'Set-Cookie' headers manually, it will handle it if you operate on Request.context['cookies'] storage, see example.
- Now CookieParser have separated lists of Request cookies [cookies] and Response cookies [responseCookies], so this is a somewhat a breaking change.
- Now 'get' methods operate on a request cookies list, and 'set' on a response list. The exception is a 'getResponse' method that allows to read a newly set cookie if you need that.
[1.1.0] - 2021-04-27 #
Fixed #
- Changed original middleware, now you have to set response headers explicitly, see example. But I will rearrange this later.
- Now encrypted cookies use
base64Url
encoding instead ofbase64
.