From 3ef786849bb0cb70488556bc44db9ce1c77ec0e2 Mon Sep 17 00:00:00 2001 From: Matteo Collina Date: Mon, 22 Apr 2024 12:18:25 +0200 Subject: [PATCH 1/4] Add algorithm and security notice Signed-off-by: Matteo Collina --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index f40df21..e877267 100644 --- a/README.md +++ b/README.md @@ -96,8 +96,16 @@ fastify.get('/', (req, reply) => { - An `Array` can be passed if key rotation is desired. Read more about it in [Rotating signing secret](#rotating-secret). - More sophisticated cookie signing mechanisms can be implemented by supplying an `Object`. Read more about it in [Custom cookie signer](#custom-cookie-signer). +- `hook`: the [Fastify Hook](https://fastify.dev/docs/latest/Reference/Lifecycle/#lifecycle) to register the parsing of cookie into. Default: `onRequest`. + +- `algorithm`: the [algorithm](https://nodejs.org/api/crypto.html#cryptogethashes) to use to sign the cookies. Default: `sha256`. + - `parseOptions`: An `Object` to modify the serialization of set cookies. +### :warning: Security :warning: + +It's recommended to use `sha256` or stronger hashing algorithm as well as a `secret` that is at least 20 bytes long. + #### parseOptions ##### domain From 48b53e136875a4cc029e8f80a5e77f62f4d7b04d Mon Sep 17 00:00:00 2001 From: Matteo Collina Date: Mon, 22 Apr 2024 14:09:22 +0200 Subject: [PATCH 2/4] Update README.md Co-authored-by: Aras Abbasi Signed-off-by: Matteo Collina --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e877267..8db0461 100644 --- a/README.md +++ b/README.md @@ -102,7 +102,7 @@ fastify.get('/', (req, reply) => { - `parseOptions`: An `Object` to modify the serialization of set cookies. -### :warning: Security :warning: +### :warning: Security Considerations :warning: It's recommended to use `sha256` or stronger hashing algorithm as well as a `secret` that is at least 20 bytes long. From 1d0da97a07a708eb60c8c8307dbc5d5c51225ffa Mon Sep 17 00:00:00 2001 From: Matteo Collina Date: Mon, 22 Apr 2024 14:09:28 +0200 Subject: [PATCH 3/4] Update README.md Co-authored-by: Aras Abbasi Signed-off-by: Matteo Collina --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8db0461..33e12d1 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,7 @@ fastify.get('/', (req, reply) => { ### :warning: Security Considerations :warning: -It's recommended to use `sha256` or stronger hashing algorithm as well as a `secret` that is at least 20 bytes long. +It's recommended to use `sha256` or stronger hashing algorithm as well as a `secret`, that is at least 20 bytes long. #### parseOptions From 7bd14228077e37021549f2b5a1b1a253af8d6aa8 Mon Sep 17 00:00:00 2001 From: Matteo Collina Date: Mon, 22 Apr 2024 14:13:47 +0200 Subject: [PATCH 4/4] Update README.md Co-authored-by: Frazer Smith Signed-off-by: Matteo Collina --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 33e12d1..6ea936d 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,7 @@ fastify.get('/', (req, reply) => { ### :warning: Security Considerations :warning: -It's recommended to use `sha256` or stronger hashing algorithm as well as a `secret`, that is at least 20 bytes long. +It is recommended to use `sha256` or stronger hashing algorithm as well as a `secret` that is at least 20 bytes long. #### parseOptions