Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
browser-cookies
Advanced tools
Tiny cookies library for the browser
Cross browser support is verified on real browsers using automated testing:
Or run the unit tests for your current browser right now.
Using NPM
npm install browser-cookies
Using Bower
bower install browser-cookies
var cookies = require('browser-cookies');
cookies.set('firstName', 'Lisa');
cookies.set('firstName', 'Lisa', {expires: 365}); // Expires after 1 year
cookies.set('firstName', 'Lisa', {secure: true, domain: 'www.example.org'});
cookies.get('firstName'); // Returns cookie value (or null)
cookies.erase('firstName'); // Removes cookie
API contents:
name
, value
[, options
])name
)name
, [, options
])argument | type | description |
---|---|---|
name | string | the name of the cookie to save. |
value | string | the value to save. |
options | object | may contain any of the properties specified in options below. If an option is not specified, the value configured in cookies.defaults will be used. |
argument | type | description |
---|---|---|
name | string | the name of the cookie to retrieve. |
argument | type | description |
---|---|---|
name | string | the name of the cookie to remove. |
options | object | may contain the domain and path properties specified in options below. If an option is not specified, the value configured in cookies.defaults will be used. |
Options may be set globally using cookies.defaults or passed as function argument, see the Examples section below and the API reference above for details.
Name | Type | Default | Description |
---|---|---|---|
expires | Number , Date , String | 0 | Configure when the cookie expires by using one of the following types as value:
|
domain | String | "" | The domain from where the cookie is readable.
|
path | String | "/" | The path from where the cookie is readable.
|
secure | Boolean | false | If true the cookie will only be transmitted over secure protocols like https. |
httponly | Boolean | false | If true the cookie may only be read by the web server.
|
Count the number of a visits to a page:
var cookies = require('browser-cookies');
// Get cookie value
var visits = cookies.get('count');
console.log("You've been here " + parseInt(visits) + " times before!");
// Increment the counter and set (or update) the cookie
cookies.set('count', parseInt(visits) + 1, {expires: 365});
JSON may be saved by converting the JSON object into a string:
var cookies = require('browser-cookies');
// Store JSON data
var user = {firstName: 'Sofia', lastName: 'Dueñas'};
cookies.set('user', JSON.stringify(user))
// Retrieve JSON data
var userString = cookies.get('user');
alert('Hi ' + JSON.parse(userString).firstName);
The default value of cookie options may be changed:
var cookies = require('browser-cookies');
// Override defaults
cookies.defaults.secure = true;
cookies.defaults.expires = 7;
// 'secure' option enabled and cookie expires in 7 days
cookies.set('FirstName', 'John')
// 'secure' option enabled and cookie expires in 30 days
cookies.set('LastName', 'Smith', {expires: 30})
This design goal is to provide to smallest possible size (when minified and gzipped) for the given API, while remaining compliant to RFC6265 and providing cross-browser compatibility and consistency.
Development setup (requires node and git to be installed):
git clone https://github.com/voltace/browser-cookies.git
cd browser-cookies
npm install # Install dev dependencies
npm run test:local # Run unit tests locally (takes ~5 seconds)
npm run build # Create minified version
Feel free to add an issue on GitHub for any questions, bug or feature request you may have.
Public Domain (UNLICENSE)
FAQs
Tiny cookies library for the browser
The npm package browser-cookies receives a total of 45,010 weekly downloads. As such, browser-cookies popularity was classified as popular.
We found that browser-cookies demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.