Merge pull request #32910 from github/repo-sync

Repo sync
2026-01-10 00:03:04 -05:00 · 2024-05-10 11:32:59 -07:00
parent cbb0817ccc f05d2136ac
commit 784ac6cf8e
6 changed files with 38 additions and 5 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -106,6 +106,8 @@
        "@playwright/test": "1.43.0",
        "@types/connect-datadog": "0.0.10",
        "@types/connect-timeout": "0.0.39",
+        "@types/cookie": "0.6.0",
+        "@types/cookie-parser": "1.4.7",
        "@types/express": "4.17.21",
        "@types/imurmurhash": "^0.1.4",
        "@types/js-cookie": "^3.0.6",
@@ -3165,6 +3167,21 @@
        "@types/express": "*"
      }
    },
+    "node_modules/@types/cookie": {
+      "version": "0.6.0",
+      "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.6.0.tgz",
+      "integrity": "sha512-4Kh9a6B2bQciAhf7FSuMRRkUWecJgJu9nPnx3yzpsfXX/c50REIqpHY4C82bXP90qrLtXtkDxTZosYO3UpOwlA==",
+      "dev": true
+    },
+    "node_modules/@types/cookie-parser": {
+      "version": "1.4.7",
+      "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.7.tgz",
+      "integrity": "sha512-Fvuyi354Z+uayxzIGCwYTayFKocfV7TuDYZClCdIP9ckhvAu/ixDtCB6qx2TT0FKjPLf1f3P/J1rgf6lPs64mw==",
+      "dev": true,
+      "dependencies": {
+        "@types/express": "*"
+      }
+    },
    "node_modules/@types/debug": {
      "version": "4.1.8",
      "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.8.tgz",
--- a/package.json
+++ b/package.json
@@ -292,6 +292,8 @@
    "@playwright/test": "1.43.0",
    "@types/connect-datadog": "0.0.10",
    "@types/connect-timeout": "0.0.39",
+    "@types/cookie": "0.6.0",
+    "@types/cookie-parser": "1.4.7",
    "@types/express": "4.17.21",
    "@types/imurmurhash": "^0.1.4",
    "@types/js-cookie": "^3.0.6",
--- a/src/frame/lib/cookie-settings.ts
+++ b/src/frame/lib/cookie-settings.ts
@@ -1,4 +1,6 @@
-export default {
+import { type CookieSerializeOptions } from 'cookie'
+
+export const cookieSettings: CookieSerializeOptions = {
  httpOnly: true, // can't access these cookies through browser JavaScript
  secure: !['test', 'development'].includes(process.env.NODE_ENV),
  // requires https protocol
--- a/src/frame/middleware/cookie-parser.js
+++ b/src/frame/middleware/cookie-parser.js
@@ -1,3 +0,0 @@
-import cookieParser from 'cookie-parser'
-import cookieSettings from '#src/frame/lib/cookie-settings.js'
-export default cookieParser(process.env.COOKIE_SECRET, cookieSettings)
--- a/src/frame/middleware/cookie-parser.ts
+++ b/src/frame/middleware/cookie-parser.ts
@@ -0,0 +1,15 @@
+import cookieParser from 'cookie-parser'
+import { type CookieParseOptions } from 'cookie-parser'
+
+import { cookieSettings } from '@/frame/lib/cookie-settings'
+
+export default cookieParser(
+  process.env.COOKIE_SECRET,
+  // This is because of a but in @types/cookie-parser
+  // The options are actually passed straight into `cookie.parse`
+  // from the cookie page. When creating a cookie setting object in
+  // our `cookie-settings.ts` we want to use the right type,
+  // which is `CookieSerializeOptions` (from the `cookie` package)
+  // but we have circumnavigate the option here.
+  cookieSettings as CookieParseOptions,
+)
--- a/src/frame/middleware/index.ts
+++ b/src/frame/middleware/index.ts
@@ -10,7 +10,7 @@ import abort from './abort'
 import morgan from 'morgan'
 import datadog from '@/observability/middleware/connect-datadog'
 import helmet from './helmet'
-import cookieParser from './cookie-parser.js'
+import cookieParser from './cookie-parser'
 import {
  setDefaultFastlySurrogateKey,
  setLanguageFastlySurrogateKey,