Skip to content

Commit

Permalink
Fix behavior of null/undefined as "maxAge" in res.cookie
Browse files Browse the repository at this point in the history
fixes #3935
closes #3936
  • Loading branch information
cjbarth authored and dougwilson committed Mar 27, 2022
1 parent 1cc8169 commit 5855339
Show file tree
Hide file tree
Showing 3 changed files with 38 additions and 3 deletions.
1 change: 1 addition & 0 deletions History.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ unreleased
* Add "root" option to `res.download`
* Allow `options` without `filename` in `res.download`
* Deprecate string and non-integer arguments to `res.status`
* Fix behavior of `null`/`undefined` as `maxAge` in `res.cookie`
* Ignore `Object.prototype` values in settings through `app.set`/`app.get`
* Invoke `default` with same arguments as types in `res.format`
* Support proper 205 responses using `res.send`
Expand Down
10 changes: 7 additions & 3 deletions lib/response.js
Original file line number Diff line number Diff line change
Expand Up @@ -868,9 +868,13 @@ res.cookie = function (name, value, options) {
val = 's:' + sign(val, secret);
}

if ('maxAge' in opts) {
opts.expires = new Date(Date.now() + opts.maxAge);
opts.maxAge /= 1000;
if (opts.maxAge != null) {
var maxAge = opts.maxAge - 0

if (!isNaN(maxAge)) {
opts.expires = new Date(Date.now() + maxAge)
opts.maxAge = Math.floor(maxAge / 1000)
}
}

if (opts.path == null) {
Expand Down
30 changes: 30 additions & 0 deletions test/res.cookie.js
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,36 @@ describe('res', function(){
.expect(200, optionsCopy, done)
})

it('should not throw on null', function (done) {
var app = express()

app.use(function (req, res) {
res.cookie('name', 'tobi', { maxAge: null })
res.end()
})

request(app)
.get('/')
.expect(200)
.expect('Set-Cookie', 'name=tobi; Path=/')
.end(done)
})

it('should not throw on undefined', function (done) {
var app = express()

app.use(function (req, res) {
res.cookie('name', 'tobi', { maxAge: undefined })
res.end()
})

request(app)
.get('/')
.expect(200)
.expect('Set-Cookie', 'name=tobi; Path=/')
.end(done)
})

it('should throw an error with invalid maxAge', function (done) {
var app = express()

Expand Down

0 comments on commit 5855339

Please sign in to comment.