{"id":19701806,"url":"https://github.com/joelvoss/cookie-lit","last_synced_at":"2025-07-27T17:10:18.385Z","repository":{"id":41983402,"uuid":"233462165","full_name":"joelvoss/cookie-lit","owner":"joelvoss","description":"Library for serialization and parsing of server and client side cookies.","archived":false,"fork":false,"pushed_at":"2024-06-19T02:38:49.000Z","size":2953,"stargazers_count":3,"open_issues_count":2,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-23T02:16:51.956Z","etag":null,"topics":["client","cookie","server"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/joelvoss.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-01-12T21:34:58.000Z","updated_at":"2024-05-11T10:46:06.000Z","dependencies_parsed_at":"2025-04-29T13:40:25.787Z","dependency_job_id":"71d17368-cf15-4709-9c86-49783dd4ed91","html_url":"https://github.com/joelvoss/cookie-lit","commit_stats":null,"previous_names":[],"tags_count":44,"template":false,"template_full_name":null,"purl":"pkg:github/joelvoss/cookie-lit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvoss%2Fcookie-lit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvoss%2Fcookie-lit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvoss%2Fcookie-lit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvoss%2Fcookie-lit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/joelvoss","download_url":"https://codeload.github.com/joelvoss/cookie-lit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/joelvoss%2Fcookie-lit/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267392562,"owners_count":24079919,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-27T02:00:11.917Z","response_time":82,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["client","cookie","server"],"created_at":"2024-11-11T21:10:40.374Z","updated_at":"2025-07-27T17:10:18.368Z","avatar_url":"https://github.com/joelvoss.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cookie-lit\n\n**cookie-lit** is a library for parsing and serialization of server and client\nside cookies. It is heavily inspired by [cookie][@cookie] and\n[js-cookie][@js-cookie] and tries to combine both projects into one solution.\n\n## Installation\n\n```bash\n$ npm install cookie-lit\n\n# Using yarn\n$ yarn add cookie-lit\n```\n\n## Usage\n\n### Basic\n\n```js\nimport CookieJar from 'cookie-lit';\n\n// Create a new cookie jar\nconst jar = new CookieJar();\n\n// Set cookies\njar.set('my-cookie', 'a value');\njar.set('my-second-cookie', 'another value');\n\n// Get a cookie by name\njar.get('my-cookie');\n// ➞ '{ \"my-cookie\": \"a value\" }'\n\n// Get all cookies currently in the jar\njar.get();\n// ➞ '{ \"my-cookie\": \"a value\", \"my-second-cookie\": \"another value\" }'\n\n// Remove a cookie by name\njar.remove('my-cookie');\n```\n\n### Set a cookie with options\n\n```js\nimport CookieJar from 'cookie-lit';\nconst jar = new CookieJar();\n\nconst cookie = jar.set('my-cookie', 'value', {\n  expires: 1,\n  secure: true,\n});\n// ➞ 'my-cookie=value; Expires=Wed, 15 Jan 2020 18:10:22 GMT; Secure'\n```\n\nYou can read all about the possible options in the [API](#API) chapter.\n\n### Create a pre-filled jar of cookies\n\nYou can pre-fill a cookie jar by passing in a valid cookie string.  \nThis is useful when dealing with cookies coming from a HTTP request object.\n\n```js\nexport default (req, res) =\u003e {\n  // req.headers.cookie ≙ 'my-cookie=value'\n  const jar = new CookieJar(req.headers.cookie);\n  const cookies = jar.get();\n  // ➞ '{ \"my-cookie\": \"value\" }'\n  ...\n}\n```\n\n###\n\n## API\n\n### new CookieJar(cookies?)\n\nCreate a new cookie jar instance. You can pre-fill a cookie jar by passing in a\nvalid HTTP Cookie header string or object containing cookie key-value pairs.\n\n```js\nconst jar = new CookieJar('my-cookie=value');\nconsole.log(jar.get()); // '{ \"my-cookie\": \"value\" }'\n```\n\n```js\nconst jar = new CookieJar({ my-cookie: 'value' );\nconsole.log(jar.get()) // '{ \"my-cookie\": \"value\" }'\n```\n\n### jar.set(name, value, options?)\n\nSet a cookie name-value pair. The method will serialize the given pair into a\nSet-Cookie header string that is also returned from the method so you can use\nit to set a cookie as a HTTP response header.\nIf called client side, the cookie pair will be added to `document.cookie`\nautomatically for you.\n\n#### name\n\nThe name of the cookie\n\n#### value\n\nThe value to set the cookie to. If the value is of type `object`, we call\n`JSON.stringify` on it.\n\n#### options\n\nAn optional object specifying additional cookie attributes.\n\n##### encode\n\nUs the encode property to specify a function that will be used to encode the\nvalue set by `jar.set()`.\nSee [RFC6265 Section 4.1.1](https://tools.ietf.org/html/rfc6265#section-4.1.1)\nand [RFC6265 Section 6.1](https://tools.ietf.org/html/rfc6265#section-6.1) for\ndetailed instructions on cookie value best-practices and limitations.\n\nBy default, we are using the global `encodeURIComponent` function, which will\nencode a string by replacing each instance of certain characters by UTF-8\nrepresentations.\n\n##### domain\n\nSpecifies the `Domain` Set-Cookie attribute. By default, no domain is set and\nmost clients will consider the cookie to apply to only the current domain.\n\n```js\njar.set('my-cookie', 'value', { domain: 'my-domain.com' });\n// ➞ 'my-cookie=value; Domain=my-domain.com'\n```\n\n##### expires\n\nSpecifies the `Expires` Set-Cookie attribute. You can either set a specific\n`Date` instance or a `Number` that will be interpreted as days from time of\ncreation.\n\nBy default, no expiration date is set. Most clients will consider this a session\ncookie and remove the cookie as soon as the browser window is closed.\n\n```js\n// Expires one day from creation.\njar.set('my-cookie', 'value', { expires: 1 });\n// ➞ 'my-cookie=value; Expires=Mon, 01 Jan 2020 00:00:00 GMT'\n```\n\n\u003e _Note_:\n\u003e If both `expires` and `maxAge` are set, maxAge takes precedence, but it is\n\u003e possible that not all clients obey this rule. So if both are set, they should\n\u003e be set to the same date and time.\n\n##### httpOnly\n\nSpecifies the `HttpOnly` Set-Cookie attribute. When truthy, the attribute is\nset.\n\n```js\njar.set('my-cookie', 'value', { httpOnly: true });\n// ➞ 'my-cookie=value; HttpOnly'\n```\n\n\u003e _Note_:\n\u003e When setting `httpOnly` to true, clients will not allow JavaScript to see\n\u003e this cookie.\n\n##### maxAge\n\nSpecifies the `Max-Age` Set-Cookie attribute in seconds. The given number will\nbe converted to an integer by rounding down.\n\n```js\njar.set('my-cookie', 'value', { maxAge: 60 });\n// ➞ 'my-cookie=value; Max-Age=60'\n```\n\n\u003e _Note_:\n\u003e If both `maxAge` and `expires` are set, maxAge takes precedence, but it is\n\u003e possible that not all clients obey this rule. So if both are set, they should\n\u003e be set to the same date and time.\n\n##### path\n\nSpecfies the `Path` Set-Cookie attribute. If the path attribute is omitted, the\nclient will use the \"directory\" of the request-uri's path component as the\ndefault value.\n\n```js\njar.set('my-cookie', 'value', { path: '/' });\n// ➞ 'my-cookie=value; Path=/'\n```\n\n\u003e _Note:_\n\u003e Although seemingly useful for isolating cookies between different paths\n\u003e within a given host, the Path attribute cannot be relied upon for security.\n\n##### sameSite\n\nSpecifies the `SameSite` Set-Cookie attribute. Use one of the following possible\nvalues:\n\n- `true` will set the attribute to \"Strict\"\n- `false` will not set the attribute\n- `lax` will set the attribute to \"Lax\"\n- `none` will set the attribute to \"None\"\n- `strict` will set the attribute to \"Strict\"\n\n```js\njar.set('my-cookie', 'value', { sameSite: true });\n// ➞ 'my-cookie=value; SameSite=Strict'\n```\n\n\u003e _Note:_\n\u003e Browsers are migrating to have cookies default to `SameSite=Lax`. If a cookie\n\u003e is needed to be sent cross-origin, opt out of the `SameSite` restriction using\n\u003e the `None` directive. The `None` directive requires the `Secure` attribute.\n\n##### secure\n\nSpecifies the `Secure` Set-Cookie attribute. When truthy, the attribte is set.\n\n```js\n```\n\n\u003e _Note:_\n\u003e When setting `secure` to true, complient clients will not send the cookie\n\u003e over HTTP and you will not allow JavaScript to see this cookie on\n\u003e http://localhost.\n\n### jar.get(name?, options?)\n\nGet all cookie name-value pairs currently stored in the cookie jar.\nBy specifying the name argument you can query for a specific cookie value.\n\n```js\n// document.cookie = 'my-cookie=value'\n\njar.get();\n// ➞ '{ \"my-cookie\": \"value\" }'\n```\n\n#### name\n\nAn optional cookie header name to query a specific cookie value for.\n\n#### options\n\nAn optional object specifying additional query options.\n\n##### decode\n\nSpecifies a function that will be used to decode a previously-encoded cookie\nvalue into a JavaScript string or object.\n\nBy default this function is the global `decodeURIComponent`.\n\n\u003e _Note:_\n\u003e If the decode function throws an error, the original value will be returned.\n\n### jar.remove(name, options?)\n\nDelete a cookie from `document.cookie` and the cookie jar.\nThe method will return an appropriate Set-Cookie header string to remove\nthe cookie.\n\n```js\njar.set('my-cookie');\n// document.cookie = 'my-cookie=value'\n// jar.get() = '{ \"my-cookie\": \"value\" }'\n\njar.remove('my-cookie');\n// ➞ 'my-cookie=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0'\n// document.cookie = ''\n// jar.get() = '{}'\n```\n\n#### name\n\nThe name of the cookie to be deleted.\n\n#### options\n\nAn optional object containing additional cookie attributes.\nThese attributes must match the attributes set on the cookie to be deleted.\n\n```js\njar.set('my-cookie', 'value', { path: '' });\n\n// This will fail, as the `path` attributes don't match.\njar.remove('my-cookie');\n\n// This will remove the cookie.\njar.remove('my-cookie', { path: '' });\n```\n\n\u003e _Note:_\n\u003e Removing a non-existent cookie neither raises any exception nor returns any\n\u003e value.\n\n---\n\n[@cookie]: https://github.com/jshttp/cookie\n[@js-cookie]: https://github.com/js-cookie/js-cookie\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoelvoss%2Fcookie-lit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjoelvoss%2Fcookie-lit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjoelvoss%2Fcookie-lit/lists"}