Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

cookies-js

ScottHamper268kPublic Domain1.2.3TypeScript support: included

Client-Side Cookie Manipulation API

cookies, client, browser

readme

Cookies.js

Cookies.js is a small client-side javascript library that makes managing cookies easy.

Features
Browser Compatibility
Getting the Library
Use in CommonJS/Node Environments Without window
A Note About Encoding
API Reference

Features

  • RFC6265 compliant
  • Cross browser
  • Lightweight
  • No dependencies
  • Public domain
  • Supports AMD / CommonJS loaders

Browser Compatibility

The following browsers have passed all of the automated Cookies.js tests:

  • Chrome
  • Firefox 3+
  • Safari 4+
  • Opera 10+
  • Internet Explorer 6+

Getting the Library

Direct downloads

Node Package Manager

npm install cookies-js

Bower

bower install cookies-js

Use in CommonJS/Node Environments Without window

In environments where there is no native window object, Cookies.js will export a factory method that accepts a window instance. For example, using jsdom, you might do something like:

var jsdom = require('jsdom');
var window = jsdom.jsdom().parentWindow;
var Cookies = require('cookies-js')(window);

// Use Cookies as you normally would

A Note About Encoding

RFC6265 defines a strict set of allowed characters for cookie keys and values. In order to effectively allow any character to be used in a key or value, Cookies.js will URI encode disallowed characters in their UTF-8 representation. As such, Cookies.js also expects cookie keys and values to already be URI encoded in a UTF-8 representation when it accesses cookies. Keep this in mind when working with cookies on the server side.

.NET Users

Do not use HttpUtility.UrlEncode and HttpUtility.UrlDecode on cookie keys or values. HttpUtility.UrlEncode will improperly escape space characters to '+' and lower case every escape sequence. HttpUtility.UrlDecode will improperly unescape every '+' to a space character. Instead, use System.Uri.EscapeDataString and System.Uri.UnescapeDataString.

API Reference

Methods
Cookies.set(key, value [, options])
Cookies.get(key)
Cookies.expire(key [, options])

Properties
Cookies.enabled
Cookies.defaults

Methods

Cookies.set(key, value [, options])

Alias: Cookies(key, value [, options])

Sets a cookie in the document. If the cookie does not already exist, it will be created. Returns the Cookies object.

Option Description Default
path A string value of the path of the cookie "/"
domain A string value of the domain of the cookie undefined
expires A number (of seconds), a date parsable string, or a Date object of when the cookie will expire undefined
secure A boolean value of whether or not the cookie should only be available over SSL false

A default value for any option may be set in the Cookies.defaults object.

Example Usage

// Setting a cookie value
Cookies.set('key', 'value');

// Chaining sets together
Cookies.set('key', 'value').set('hello', 'world');

// Setting cookies with additional options
Cookies.set('key', 'value', { domain: 'www.example.com', secure: true });

// Setting cookies with expiration values
Cookies.set('key', 'value', { expires: 600 }); // Expires in 10 minutes
Cookies.set('key', 'value', { expires: '01/01/2012' });
Cookies.set('key', 'value', { expires: new Date(2012, 0, 1) });
Cookies.set('key', 'value', { expires: Infinity });

// Using the alias
Cookies('key', 'value', { secure: true });

Cookies.get(key)

Alias: Cookies(key)

Returns the value of the most locally scoped cookie with the specified key.

Example Usage

// First set a cookie
Cookies.set('key', 'value');

// Get the cookie value
Cookies.get('key'); // "value"

// Using the alias
Cookies('key'); // "value"

Cookies.expire(key [, options])

Alias: Cookies(key, undefined [, options])

Expires a cookie, removing it from the document. Returns the Cookies object.

Option Description Default
path A string value of the path of the cookie "/"
domain A string value of the domain of the cookie undefined

A default value for any option may be set in the Cookies.defaults object.

Example Usage

// First set a cookie and get its value
Cookies.set('key', 'value').get('key'); // "value"

// Expire the cookie and try to get its value
Cookies.expire('key').get('key'); // undefined

// Using the alias
Cookies('key', undefined);

Properties

Cookies.enabled

A boolean value of whether or not the browser has cookies enabled.

Example Usage

if (Cookies.enabled) {
    Cookies.set('key', 'value');
}

Cookies.defaults

An object representing default options to be used when setting and expiring cookie values.

Option Description Default
path A string value of the path of the cookie "/"
domain A string value of the domain of the cookie undefined
expires A number (of seconds), a date parsable string, or a Date object of when the cookie will expire undefined
secure A boolean value of whether or not the cookie should only be available over SSL false

Example Usage

Cookies.defaults = {
    path: '/',
    secure: true
};

Cookies.set('key', 'value'); // Will be secure and have a path of '/'
Cookies.expire('key'); // Will expire the cookie with a path of '/'

changelog

Change Log

1.2.3

  • Fixed null object reference error when both the global this and window objects are undefined (e.g., when using webpack).

1.2.2

  • Fixed errors caused when accessing a properly encoded cookie while another cookie had a malformed key/value.

1.2.1

  • Fixed bower.json and package.json main pointing to "src" instead of "dist" now that an unminified version lives in "dist"

1.2.0

  • Infinity may now be used with the "expires" option to set a persistent cookie.
  • Included unminified version of the library in "dist"

1.1.0

  • Added the ability to require Cookies.js in CommonJS/Node environments that do not natively have a window object, by exporting a factory method that takes an instance of a window.

1.0.1

  • Fixed being unable to retrieve cookie values for keys that were named the same as a built-in Object property.

1.0.0

  • Put Cookies.js into the public domain.
  • Explicitly defaulted the secure option to false.

0.4.0

  • Replaced deprecated toGMTString with toUTCString (Thanks @Zorbash!)
  • Added a proper bower.json file (Thanks @jstayton!)
  • Fixed bug where Cookies.enabled was always returning true in IE7 and IE8 (Thanks @brianlow!)
  • Updated cookies.d.ts for Typescript 1.0 (Thanks @flashandy!)
  • Fixed unnecessarily encoding characters in cookie keys that are allowed by RFC6265, and fixed not encoding a couple characters in cookies keys that are not allowed by RFC6265. (Issue #18)
  • Moved the change log to its own file.

0.3.1

  • Fixed a runtime error that prevented the library from loading when cookies were disabled in the client browser.
  • Fixed a bug in IE that would cause the library to improperly read cookies with a value of "".

0.3.0

  • Rewrote the library from the ground up, using test driven development. The public API remains unchanged.
  • Restructured project directories.

0.2.1

  • Properly escaped a [ literal in the RFC6265 regular expression.

0.2.0

  • Cookie values are no longer automatically JSON encoded/decoded. This featured was deemed out of the scope of the library. This change also removes the dependency on a JSON shim for older browsers.

0.1.7

  • Changed cookie value encoding to only encode the special characters defined in RFC6265

0.1.6

  • Added 'use strict'; directive.
  • Removed some extraneous code.

0.1.5

  • Added CommonJS module support.
  • Setting an undefined value with Cookies.set now expires the cookie, mirroring the Cookies.expire alias syntax.
  • Simplified how the document.cookie string is parsed.

0.1.4

  • Fixed a bug where setting a cookie's secure value tofalse caused the Cookies.defaults.secure value to be used instead.

0.1.3

  • Added aliases for Cookies.set and Cookies.expire.

0.1.2

  • Set Cookies.defaults.path to '/'.
  • Replaced escape and unescape function calls with encodeURIComponent and decodeURIComponent, because the former are deprecated.
  • Cookie keys are now URI encoded in addition to cookie values.

0.1.1

  • Cross browser fixes.

0.1.0

  • Initial commit.