Add partitioned attribute support

README.md

@@ -30,6 +30,7 @@ Returns either an array of cookie objects or a map of name => cookie object with
 * `secure` - indicates that this cookie should only be sent over HTTPs (true or undefined)
 * `httpOnly` - indicates that this cookie should *not* be accessible to client-side JavaScript (true or undefined)
 * `sameSite` - indicates a cookie ought not to be sent along with cross-site requests (string or undefined)
+* `partitioned` - indicates that this cookie could be created in an iframe from a 3rd party domain (true or undefined)
 
 (The output format is loosely based on the input format of https://www.npmjs.com/package/cookie)
 

lib/set-cookie.js

@@ -52,6 +52,8 @@ function parseString(setCookieValue, options) {
       cookie.httpOnly = true;
     } else if (key === "samesite") {
       cookie.sameSite = value;
+    } else if (key === "partitioned") {
+      cookie.partitioned = true;
     } else {
       cookie[key] = value;
     }

test/set-cookie-parser.js

@@ -28,7 +28,7 @@ describe("set-cookie-parser", function () {
 
   it("should parse a complex set-cookie header", function () {
     var cookieStr =
-      "foo=bar; Max-Age=1000; Domain=.example.com; Path=/; Expires=Tue, 01 Jul 2025 10:01:11 GMT; HttpOnly; Secure";
+      "foo=bar; Max-Age=1000; Domain=.example.com; Path=/; Expires=Tue, 01 Jul 2025 10:01:11 GMT; HttpOnly; Secure; Partitioned";
     var actual = setCookie.parse(cookieStr);
     var expected = [
       {
@@ -40,6 +40,7 @@ describe("set-cookie-parser", function () {
         domain: ".example.com",
         secure: true,
         httpOnly: true,
+        partitioned: true,
       },
     ];
     assert.deepEqual(actual, expected);