set-cookie-parser
Advanced tools
Package description
The set-cookie-parser package is a Node.js module that provides utilities for parsing and splitting the Set-Cookie headers found in HTTP responses. It can be used to extract cookie data in a structured format, making it easier to handle cookies in server-side applications.
Parse Set-Cookie Headers
This feature allows you to parse the Set-Cookie header from an HTTP response and convert it into an array of cookie objects.
const setCookie = require('set-cookie-parser');
const cookies = setCookie.parse(responseHeaders);
// responseHeaders should be the Set-Cookie header string or an array of Set-Cookie header strings.Parse Set-Cookie Headers with options
This feature allows you to parse the Set-Cookie header with additional options, such as returning a map of cookies for easier access by cookie name.
const setCookie = require('set-cookie-parser');
const cookies = setCookie.parse(responseHeaders, { map: true });
// responseHeaders should be the Set-Cookie header string or an array of Set-Cookie header strings. The option { map: true } will return an object map of cookies instead of an array.Split a Set-Cookie string
This feature allows you to split a Set-Cookie header string into an array of individual cookie strings, which can then be parsed separately.
const setCookie = require('set-cookie-parser');
const splitCookies = setCookie.splitCookiesString(cookieHeader);
// cookieHeader should be the full Set-Cookie header string.The 'cookie' package is used for parsing and serializing cookie headers. It provides similar functionalities for parsing cookies but does not focus exclusively on the Set-Cookie header.
The 'tough-cookie' package is a more comprehensive solution for handling cookies in Node.js. It includes parsing, serialization, and cookie jar management, which can store and retrieve cookies like a web browser.
The 'cookies' package is designed to work with Node.js HTTP servers, providing a higher-level API for setting and getting cookies in server-side applications, but it does not specifically focus on parsing Set-Cookie headers.
Readme
Parses set-cookie headers into objects
Accepts a single set-cookie header value, an array of set-cookie header values, a Node.js response object, or a fetch() Response object that may have 0 or more set-cookie headers.
Also accepts an optional options object. Defaults:
{
decodeValues: true, // Calls decodeURIComponent on each value - default: true
map: false, // Return an object instead of an array - default: false
silent: false, // Suppress the warning that is logged when called on a request instead of a response - default: false
}
Returns either an array of cookie objects or a map of name => cookie object with {map: true}. Each cookie object will have, at a minimum name and value properties, and may have additional properties depending on the set-cookie header:
name - cookie name (string)value - cookie value (string)path - cookie path (string or undefined)domain - domain for the cookie (string or undefined, may begin with "." to indicate the named domain or any subdomain of it)expires - absolute expiration date for the cookie (Date object or undefined)maxAge - relative max age of the cookie in seconds from when the client receives it (integer or undefined)
maxAge by 1000 to convert to milliseconds.secure - indicates that this cookie should only be sent over HTTPs (true or undefined)httpOnly - indicates that this cookie should not be accessible to client-side JavaScript (true or undefined)sameSite - indicates a cookie ought not to be sent along with cross-site requests (string or undefined)(The output format is loosely based on the input format of https://www.npmjs.com/package/cookie)
$ npm install --save set-cookie-parser
var http = require('http');
var setCookie = require('set-cookie-parser');
http.get('http://example.com', function(res) {
var cookies = setCookie.parse(res, {
decodeValues: true // default: true
});
cookies.forEach(console.log);
}
Example output:
[
{
name: 'bam',
value: 'baz'
},
{
name: 'foo',
value: 'bar',
path: '/',
expires: new Date('Tue Jul 01 2025 06:01:11 GMT-0400 (EDT)'),
maxAge: 1000,
domain: '.example.com',
secure: true,
httpOnly: true,
sameSite: 'lax'
}
]
var http = require('http');
var setCookie = require('set-cookie-parser');
http.get('http://example.com', function(res) {
var cookies = setCookie.parse(res, {
decodeValues: true, // default: true
map: true // default: false
});
var desiredCookie = cookies['session'];
console.log(desiredCookie);
});
Example output:
{
bam: {
name: 'bam',
value: 'baz'
},
foo: {
name: 'foo',
value: 'bar',
path: '/',
expires: new Date('Tue Jul 01 2025 06:01:11 GMT-0400 (EDT)'),
maxAge: 1000,
domain: '.example.com',
secure: true,
httpOnly: true,
sameSite: 'lax'
}
}
This library can be used in conjunction with the cookie library to modify and replace set-cookie headers:
const libCookie = require('cookie');
const setCookie = require('set-cookie-parser');
function modifySetCookie(res){
// parse the set-cookie headers with this library
let cookies = setCookie.parse(res);
// modify the cookies here
// ...
// create new set-cookie headers using the cookie library
res.headers['set-cookie'] = cookies.map(function(cookie) {
return libCookie.serialize(cookie.name, cookie.value, cookie);
});
}
See a real-world example of this in unblocker
React Native follows the Fetch spec more closely and combines all of the Set-Cookie header values into a single string.
The splitCookiesString method reverses this.
var setCookie = require('set-cookie-parser');
var response = fetch(/*...*/);
// This is mainly for React Native; Node.js does not combine set-cookie headers.
var combinedCookieHeader = response.headers.get('Set-Cookie');
var splitCookieHeaders = setCookie.splitCookiesString(combinedCookieHeader)
var cookies = setCookie.parse(splitCookieHeaders);
console.log(cookies); // should be an array of cookies
This behavior may become a default part of parse in the next major release, but requires the extra step for now.
Note that the fetch() spec now includes a getSetCookie() method that provides un-combined Set-Cookie headers. This library will automatically use that method if it is present.
Parses cookies from a string, array of strings, or a http response object.
Always returns an array, regardless of input format. (Unless the map option is set, in which case it always returns an object.)
Parses a single set-cookie header value string. Options default is {decodeValues: true}. Used under-the-hood by parse().
Returns an object.
It's uncommon, but the HTTP spec does allow for multiple of the same header to have their values combined (comma-separated) into a single header.
This method splits apart a combined header without choking on commas that appear within a cookie's value (or expiration date).
Returns an array of strings that may be passed to parse().
decodeURIComponent() on each cookie value), enabled by default.splitCookiesString method.MIT © Nathan Friedly
FAQs
Parses set-cookie headers into objects
The npm package set-cookie-parser receives a total of 3,965,394 weekly downloads. As such, set-cookie-parser popularity was classified as popular.
We found that set-cookie-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.