fix!: Use Headers.prototype.getSetCookie to avoid comma-splitting (#67

) Since Node.js now has `getSetCookie` available, we can use it instead of splitting the header on comma, which was very error-prone. Ref: nodejs/undici#1915 The linked PR was released as Undici v5.19.0, which is first available in Node.js 18.14.1. Since Node.js 18.14.2 has an even more up-tp-date version of Undici (5.20.0), I figured it'd be sensible to raise our requirement to that. BREAKING CHANGE: Engine version requirement raised to Node `>=18.14.2`.
meyfa · Mar 24, 2023 · 1541794 · 1541794
1 parent 286ba27
commit 1541794
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -8,5 +8,7 @@ A stateful HTTP client for NodeJS. Test your routes even when mocking is infeasi
 
 ## Usage
 
-This package requires Node version 18 or later because it makes use of native `fetch()`.
+This package requires Node version 18.14.2 or later because it makes use of native `fetch()`,
+as well as `Headers.prototype.getSetCookie`.
+
 Additionally, it is packaged as an ES module only, so your tests have to be in ESM format, too.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -17,7 +17,7 @@
     "prepack": "npm run build"
   },
   "engines": {
-    "node": ">=18"
+    "node": ">=18.14.2"
   },
   "repository": {
     "type": "git",

diff --git a/src/cookies.ts b/src/cookies.ts
@@ -19,12 +19,9 @@ export function cookieMiddleware (store: CookieStore): Middleware {
 }
 
 function parseCookies (headers: Headers): Cookie[] {
-  // Node's Headers implementation returns all Set-Cookie headers joined by ', '
-  // TODO: Since dates are represented like "Wed, 12-Jul-2023 19:59:03 GMT", this will split too often!
-  const cookieDefinitions = headers.get('set-cookie')?.trim().split(/\s*,\s*/) ?? []
-
   const cookies = []
-  for (const cookieDefinition of cookieDefinitions) {
+  // Note: Headers.prototype.getSetCookie() is available since Node.js 18.14.1, but types aren't updated yet.
+  for (const cookieDefinition of (headers as any).getSetCookie() as readonly string[]) {
     // TODO: Handle malformed strings, quoted values, escaping.
     // TODO: Parse expiration date and flags.
     const key = cookieDefinition.match(/^([^=\s]+)/)?.[1]
@@ -33,6 +30,5 @@ function parseCookies (headers: Headers): Cookie[] {
       cookies.push({ key, value })
     }
   }
-
   return cookies
 }