Bug Report
Current Behavior
On an application where is generated cookie, serverless-offline doesn't work with version @hapijs/statehood 8.2.1 but work with version 8.2.0.
Sample Code
I will try to provide it later if necessary
Expected behavior/code
Related bug on @hapijs/statehood is hapijs/statehood#90
Environment
nestjs version 10express-session: ^1.18.0serverless version: v3.38.0serverless-offline version: v13.6.0node.js version: 18, 20, 22, 24OS: Windows / Ubuntu
Possible Solution
The problem is that @hapijs/statehood has changed regexp : hapijs/statehood@v8.2.0...v8.2.1
From
internals.validateRx = {
nameRx: {
strict: /^[^\x00-\x20\(\)<>@\,;\:\\"\/\[\]\?\=\{\}\x7F]+$/,
loose: /^[^=\s]*$/
},
valueRx: {
strict: /^[^\x00-\x20\"\,\;\\\x7F]*$/,
loose: /^(?:"([^\"]*)")|(?:[^\;]*)$/
},
domainRx: /^\.?[a-z\d]+(?:(?:[a-z\d]*)|(?:[a-z\d\-]*[a-z\d]))(?:\.[a-z\d]+(?:(?:[a-z\d]*)|(?:[a-z\d\-]*[a-z\d])))*$/,
domainLabelLenRx: /^\.?[a-z\d\-]{1,63}(?:\.[a-z\d\-]{1,63})*$/,
pathRx: /^\/[^\x00-\x1F\;]*$/
};to
internals.validateRx = {
nameRx: {
strict: /^[^\x00-\x20()<>@,;:\\"\/\[\]?={}\x7F]+$/,
loose: /^[^=\s]*$/
},
valueRx: {
strict: /^[^\x00-\x20",;\\\x7F]*$/,
loose: /^("[^"]*"|[^;]*)$/
},
domainRx: /^\.?[a-z\d]+(?:-[a-z\d]+)*(?:\.[a-z\d]+(?:-[a-z\d]+)*)*$/,
domainLabelLenRx: /^\.?[a-z\d\-]{1,63}(?:\.[a-z\d\-]{1,63})*$/,
pathRx: /^\/[^\x00-\x1F;]*$/
};Additional context/Screenshots
The cookie send in the header from serverless-offline have the following forms :
{
name: 'connect.sid',
value: 's%3A2KV_uHdcpvZJuzvbscjWpcd2A4auW-Uf.gY6PixF0WaIkT0Nab2PfEmRLQOWvyqMlAwAWCjxaJ6o; Path=/; Expires=Mon, 17 Nov 2025 15:15:23 GMT; HttpOnly',
options: { encoding: 'none', strictHeader: false }
}that is not valid anymore (@hapijs/statehood is waiting for a value in the string and others options informations has "options").
Even putting not strict mode the presence of spaces is a problem.
Temp Solution
In my package.json i have added :
"overrides": {
"@hapi/statehood": "8.2.0"
},
Bug Report
Current Behavior
On an application where is generated cookie, serverless-offline doesn't work with version @hapijs/statehood 8.2.1 but work with version 8.2.0.
Sample Code
I will try to provide it later if necessary
Expected behavior/code
Related bug on @hapijs/statehood is hapijs/statehood#90
Environment
nestjsversion 10express-session: ^1.18.0serverlessversion: v3.38.0serverless-offlineversion: v13.6.0node.jsversion: 18, 20, 22, 24OS: Windows / UbuntuPossible Solution
The problem is that @hapijs/statehood has changed regexp : hapijs/statehood@v8.2.0...v8.2.1
From
to
Additional context/Screenshots
The cookie send in the header from serverless-offline have the following forms :
that is not valid anymore (@hapijs/statehood is waiting for a value in the string and others options informations has "options").
Even putting not strict mode the presence of spaces is a problem.
Temp Solution
In my package.json i have added :