From f5b3db95853eeb73adfe098842dfd4bfc36d4514 Mon Sep 17 00:00:00 2001
From: Casimir Loeber <casimir@realtyninja.com>
Date: Mon, 3 Jun 2024 14:59:39 -0600
Subject: [PATCH 1/2] Add Partitioned support

---
 README.md                | 15 ++++++++-------
 dist/cookie.cjs.js       |  5 ++++-
 dist/cookie.esm.js       |  5 ++++-
 dist/cookie.umd.js       |  9 ++++++---
 dist/cookie.umd.min.js   |  2 +-
 src/cookie.js            |  5 ++++-
 tests/shared_no_jsdom.js | 20 ++++++++++++++++++++
 7 files changed, 47 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index c0723da..3a45fa8 100644
--- a/README.md
+++ b/README.md
@@ -63,13 +63,14 @@ cookie.set({
 
 The following fields can be added to the mentioned object:
 
-| key | value | default value |
-|:--|:--|:--|
-| `expires` |  Either a `number` containing the days until the expiry, a date in the `UTCString` format or a `date object`. | Expires when the browser is closed. |
-| `domain` |  A `string` that specifies the domain that can access the cookie. | The current domain. |
-| `path` | A `string` that limits the access of the cookie to that path. | The current path. |
-| `secure` | A `boolean` indicating whether the cookie shall only be accessible over a secure connection or not. | `false` |
-| `sameSite` | A `string` that specifies SameSite attribute that restricts cookie access based on the site context. | `null` |
+| key           | value | default value |
+|:--------------|:--|:--|
+| `expires`     |  Either a `number` containing the days until the expiry, a date in the `UTCString` format or a `date object`. | Expires when the browser is closed. |
+| `domain`      |  A `string` that specifies the domain that can access the cookie. | The current domain. |
+| `path`        | A `string` that limits the access of the cookie to that path. | The current path. |
+| `secure`      | A `boolean` indicating whether the cookie shall only be accessible over a secure connection or not. | `false` |
+| `sameSite`    | A `string` that specifies SameSite attribute that restricts cookie access based on the site context. | `null` |
+| `partitioned` | A `boolean` indicating whether the cookie is partitioned and stored separately per top-level site to prevent cross-site tracking. | `false` |
 
 You can customize the default settings by manipulating `cookie.defaults`.
 
diff --git a/dist/cookie.cjs.js b/dist/cookie.cjs.js
index e653660..a057c97 100644
--- a/dist/cookie.cjs.js
+++ b/dist/cookie.cjs.js
@@ -88,7 +88,10 @@ cookie.set = function (key, value, options) {
     sameSite = sameSite ? ';SameSite=' + sameSite : '';
     if (options.sameSite === null) sameSite = '';
 
-    document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite;
+    var partitioned = options.partitioned || this.defaults.partitioned ? ';partitioned' : '';
+    if (options.partitioned === false) partitioned = '';
+
+    document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite + partitioned;
   }
 
   return this; // Return the `cookie` object to make chaining possible.
diff --git a/dist/cookie.esm.js b/dist/cookie.esm.js
index a6b60de..0826259 100644
--- a/dist/cookie.esm.js
+++ b/dist/cookie.esm.js
@@ -86,7 +86,10 @@ cookie.set = function (key, value, options) {
     sameSite = sameSite ? ';SameSite=' + sameSite : '';
     if (options.sameSite === null) sameSite = '';
 
-    document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite;
+    var partitioned = options.partitioned || this.defaults.partitioned ? ';partitioned' : '';
+    if (options.partitioned === false) partitioned = '';
+
+    document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite + partitioned;
   }
 
   return this; // Return the `cookie` object to make chaining possible.
diff --git a/dist/cookie.umd.js b/dist/cookie.umd.js
index 3a0be48..0afb0f0 100644
--- a/dist/cookie.umd.js
+++ b/dist/cookie.umd.js
@@ -2,7 +2,7 @@
   typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :
   typeof define === 'function' && define.amd ? define(factory) :
   (global = global || self, global.cookie = factory());
-}(this, function () { 'use strict';
+}(this, (function () { 'use strict';
 
   // Copyright (c) Florian Hartmann, https://github.com/florian https://github.com/florian/cookie.js
 
@@ -92,7 +92,10 @@
       sameSite = sameSite ? ';SameSite=' + sameSite : '';
       if (options.sameSite === null) sameSite = '';
 
-      document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite;
+      var partitioned = options.partitioned || this.defaults.partitioned ? ';partitioned' : '';
+      if (options.partitioned === false) partitioned = '';
+
+      document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite + partitioned;
     }
 
     return this; // Return the `cookie` object to make chaining possible.
@@ -178,4 +181,4 @@
 
   return cookie;
 
-}));
+})));
diff --git a/dist/cookie.umd.min.js b/dist/cookie.umd.min.js
index 44e310d..bd55549 100644
--- a/dist/cookie.umd.min.js
+++ b/dist/cookie.umd.min.js
@@ -1 +1 @@
-!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e||self).cookie=t()}(this,function(){"use strict";var e=function(){return e.get.apply(e,arguments)},t=e.utils={isArray:Array.isArray||function(e){return"[object Array]"===Object.prototype.toString.call(e)},isPlainObject:function(e){return!!e&&"[object Object]"===Object.prototype.toString.call(e)},toArray:function(e){return Array.prototype.slice.call(e)},getKeys:Object.keys||function(e){var t=[],r="";for(r in e)e.hasOwnProperty(r)&&t.push(r);return t},encode:function(e){return String(e).replace(/[,;"\\=\s%]/g,function(e){return encodeURIComponent(e)})},decode:function(e){return decodeURIComponent(e)},retrieve:function(e,t){return null==e?t:e}};return e.defaults={},e.expiresMultiplier=86400,e.set=function(e,r,i){if(t.isPlainObject(e))for(var n in e)e.hasOwnProperty(n)&&this.set(n,e[n],r);else{var o=void 0!==(i=t.isPlainObject(i)?i:{expires:i}).expires?i.expires:this.defaults.expires||"",s=typeof o;"string"===s&&""!==o?o=new Date(o):"number"===s&&(o=new Date(+new Date+1e3*this.expiresMultiplier*o)),""!==o&&"toUTCString"in o&&(o=";expires="+o.toUTCString());var u=i.path||this.defaults.path;u=u?";path="+u:"";var a=i.domain||this.defaults.domain;a=a?";domain="+a:"";var c=i.secure||this.defaults.secure?";secure":"";!1===i.secure&&(c="");var f=i.sameSite||this.defaults.sameSite;f=f?";SameSite="+f:"",null===i.sameSite&&(f=""),document.cookie=t.encode(e)+"="+t.encode(r)+o+u+a+c+f}return this},e.setDefault=function(r,i,n){if(t.isPlainObject(r)){for(var o in r)void 0===this.get(o)&&this.set(o,r[o],i);return e}if(void 0===this.get(r))return this.set.apply(this,arguments)},e.remove=function(e){for(var r=0,i=(e=t.isArray(e)?e:t.toArray(arguments)).length;r<i;r++)this.set(e[r],"",-1);return this},e.removeSpecific=function(e,r){if(!r)return this.remove(e);e=t.isArray(e)?e:[e],r.expires=-1;for(var i=0,n=e.length;i<n;i++)this.set(e[i],"",r);return this},e.empty=function(){return this.remove(t.getKeys(this.all()))},e.get=function(e,r){var i=this.all();if(t.isArray(e)){for(var n={},o=0,s=e.length;o<s;o++){var u=e[o];n[u]=t.retrieve(i[u],r)}return n}return t.retrieve(i[e],r)},e.all=function(){if(""===document.cookie)return{};for(var e=document.cookie.split("; "),r={},i=0,n=e.length;i<n;i++){var o=e[i].split("="),s=t.decode(o.shift()),u=t.decode(o.join("="));r[s]=u}return r},e.enabled=function(){if(navigator.cookieEnabled)return!0;var t="_"===e.set("_","_").get("_");return e.remove("_"),t},e});
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e||self).cookie=t()}(this,(function(){"use strict";var e=function(){return e.get.apply(e,arguments)},t=e.utils={isArray:Array.isArray||function(e){return"[object Array]"===Object.prototype.toString.call(e)},isPlainObject:function(e){return!!e&&"[object Object]"===Object.prototype.toString.call(e)},toArray:function(e){return Array.prototype.slice.call(e)},getKeys:Object.keys||function(e){var t=[],r="";for(r in e)e.hasOwnProperty(r)&&t.push(r);return t},encode:function(e){return String(e).replace(/[,;"\\=\s%]/g,(function(e){return encodeURIComponent(e)}))},decode:function(e){return decodeURIComponent(e)},retrieve:function(e,t){return null==e?t:e}};return e.defaults={},e.expiresMultiplier=86400,e.set=function(e,r,i){if(t.isPlainObject(e))for(var n in e)e.hasOwnProperty(n)&&this.set(n,e[n],r);else{var o=void 0!==(i=t.isPlainObject(i)?i:{expires:i}).expires?i.expires:this.defaults.expires||"",s=typeof o;"string"===s&&""!==o?o=new Date(o):"number"===s&&(o=new Date(+new Date+1e3*this.expiresMultiplier*o)),""!==o&&"toUTCString"in o&&(o=";expires="+o.toUTCString());var a=i.path||this.defaults.path;a=a?";path="+a:"";var u=i.domain||this.defaults.domain;u=u?";domain="+u:"";var c=i.secure||this.defaults.secure?";secure":"";!1===i.secure&&(c="");var f=i.sameSite||this.defaults.sameSite;f=f?";SameSite="+f:"",null===i.sameSite&&(f="");var l=i.partitioned||this.defaults.partitioned?";partitioned":"";!1===i.partitioned&&(l=""),document.cookie=t.encode(e)+"="+t.encode(r)+o+a+u+c+f+l}return this},e.setDefault=function(r,i,n){if(t.isPlainObject(r)){for(var o in r)void 0===this.get(o)&&this.set(o,r[o],i);return e}if(void 0===this.get(r))return this.set.apply(this,arguments)},e.remove=function(e){for(var r=0,i=(e=t.isArray(e)?e:t.toArray(arguments)).length;r<i;r++)this.set(e[r],"",-1);return this},e.removeSpecific=function(e,r){if(!r)return this.remove(e);e=t.isArray(e)?e:[e],r.expires=-1;for(var i=0,n=e.length;i<n;i++)this.set(e[i],"",r);return this},e.empty=function(){return this.remove(t.getKeys(this.all()))},e.get=function(e,r){var i=this.all();if(t.isArray(e)){for(var n={},o=0,s=e.length;o<s;o++){var a=e[o];n[a]=t.retrieve(i[a],r)}return n}return t.retrieve(i[e],r)},e.all=function(){if(""===document.cookie)return{};for(var e=document.cookie.split("; "),r={},i=0,n=e.length;i<n;i++){var o=e[i].split("="),s=t.decode(o.shift()),a=t.decode(o.join("="));r[s]=a}return r},e.enabled=function(){if(navigator.cookieEnabled)return!0;var t="_"===e.set("_","_").get("_");return e.remove("_"),t},e}));
diff --git a/src/cookie.js b/src/cookie.js
index a6b60de..0826259 100644
--- a/src/cookie.js
+++ b/src/cookie.js
@@ -86,7 +86,10 @@ cookie.set = function (key, value, options) {
     sameSite = sameSite ? ';SameSite=' + sameSite : '';
     if (options.sameSite === null) sameSite = '';
 
-    document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite;
+    var partitioned = options.partitioned || this.defaults.partitioned ? ';partitioned' : '';
+    if (options.partitioned === false) partitioned = '';
+
+    document.cookie = utils.encode(key) + '=' + utils.encode(value) + expires + path + domain + secure + sameSite + partitioned;
   }
 
   return this; // Return the `cookie` object to make chaining possible.
diff --git a/tests/shared_no_jsdom.js b/tests/shared_no_jsdom.js
index b2893a3..8080afa 100644
--- a/tests/shared_no_jsdom.js
+++ b/tests/shared_no_jsdom.js
@@ -71,6 +71,26 @@ exports.test = function(context) {
 
         mockStorage.should.deep.equal(['a=1']);
       });
+
+      it('should set partitioned flag for a cookie', function() {
+        cookie.set('a', '1', { partitioned: true });
+
+        mockStorage.should.deep.equal(['a=1;partitioned']);
+      });
+
+      it('uses the default partitioned flag', function() {
+        cookie.defaults = { partitioned: true };
+        cookie.set('a', '1');
+
+        mockStorage.should.deep.equal(['a=1;partitioned']);
+      });
+
+      it('allows to override the default partitioned flag', function() {
+        cookie.defaults = { partitioned: true };
+        cookie.set('a', '1', { partitioned: false });
+
+        mockStorage.should.deep.equal(['a=1']);
+      });
     });
   });
 };

From a7e90fdb2bef4b833873afcbfa6ffaa6ec83d1b5 Mon Sep 17 00:00:00 2001
From: Casimir Loeber <casimir@realtyninja.com>
Date: Mon, 3 Jun 2024 15:18:02 -0600
Subject: [PATCH 2/2] spacing

---
 README.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 3a45fa8..05c891c 100644
--- a/README.md
+++ b/README.md
@@ -63,13 +63,13 @@ cookie.set({
 
 The following fields can be added to the mentioned object:
 
-| key           | value | default value |
-|:--------------|:--|:--|
-| `expires`     |  Either a `number` containing the days until the expiry, a date in the `UTCString` format or a `date object`. | Expires when the browser is closed. |
-| `domain`      |  A `string` that specifies the domain that can access the cookie. | The current domain. |
-| `path`        | A `string` that limits the access of the cookie to that path. | The current path. |
-| `secure`      | A `boolean` indicating whether the cookie shall only be accessible over a secure connection or not. | `false` |
-| `sameSite`    | A `string` that specifies SameSite attribute that restricts cookie access based on the site context. | `null` |
+| key | value | default value |
+|:--|:--|:--|
+| `expires` |  Either a `number` containing the days until the expiry, a date in the `UTCString` format or a `date object`. | Expires when the browser is closed. |
+| `domain` |  A `string` that specifies the domain that can access the cookie. | The current domain. |
+| `path` | A `string` that limits the access of the cookie to that path. | The current path. |
+| `secure` | A `boolean` indicating whether the cookie shall only be accessible over a secure connection or not. | `false` |
+| `sameSite` | A `string` that specifies SameSite attribute that restricts cookie access based on the site context. | `null` |
 | `partitioned` | A `boolean` indicating whether the cookie is partitioned and stored separately per top-level site to prevent cross-site tracking. | `false` |
 
 You can customize the default settings by manipulating `cookie.defaults`.