Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
universal-cookie
Advanced tools
What is universal-cookie?
The universal-cookie npm package is a JavaScript library for managing cookies in both browser and Node.js environments. It provides a simple and universal API to handle cookies, making it easier to work with cookies across server-side and client-side without changing the codebase.
What are universal-cookie's main functionalities?
Get a cookie
This feature allows you to retrieve the value of a cookie by its name. It's useful for accessing user preferences or session data stored in cookies.
const cookies = new UniversalCookie();
const myCookie = cookies.get('myCookieName');Set a cookie
This feature enables you to create a new cookie or update an existing one with a value, path, and maximum age. It's commonly used for storing user preferences or session tokens.
const cookies = new UniversalCookie();
cookies.set('myCookieName', 'myCookieValue', { path: '/', maxAge: 3600 });Remove a cookie
This feature allows you to delete a cookie from the browser. It's useful for logging out users or clearing session data.
const cookies = new UniversalCookie();
cookies.remove('myCookieName', { path: '/' });Other packages similar to universal-cookie
js-cookie
js-cookie is a simple, lightweight JavaScript API for handling cookies. It provides a straightforward way to create, read, and delete cookies on the client-side. Compared to universal-cookie, js-cookie is specifically designed for browser environments and does not support server-side rendering.
cookie
cookie is a Node.js module for parsing and serializing cookies. It's designed for server-side use, allowing for easy manipulation of HTTP cookies in Node.js applications. Unlike universal-cookie, cookie does not provide a unified API for both client and server environments.
cookies
cookies is a Node.js and browser module that provides a higher-level API for managing cookies in both environments. It offers features similar to universal-cookie but with additional options for security, such as automatic signing of cookies. It's a good alternative for applications requiring enhanced security measures.
universal-cookie
Universal cookies for JavaScript
Integrations
react-cookie- Universal cookies for Reactuniversal-cookie-express- Hook cookies get/set on Express for server-rendering
Getting started
npm install universal-cookie
or in the browser (global variable UniversalCookie):
<script
crossorigin
src="https://unpkg.com/universal-cookie@7/umd/universalCookie.min.js"
></script>
API - Cookies class
constructor([cookieHeader], [defaultSetOptions])
Create a cookies context
- cookieHeader (string|object): specify the cookie header or object
- defaultSetOptions (object): specify the default options when setting cookies
- path (string): cookie path, use
/as the path if you want your cookie to be accessible on all pages - expires (Date): absolute expiration date for the cookie
- maxAge (number): relative max age of the cookie from when the client receives it in seconds
- domain (string): domain for the cookie (sub.domain.com or .allsubdomains.com)
- secure (boolean): Is only accessible through HTTPS?
- httpOnly (boolean): Is only the server can access the cookie? Note: You cannot get or set httpOnly cookies from the browser, only the server.
- sameSite (boolean|none|lax|strict): Strict or Lax enforcement
- partitioned (boolean): Indicates that the cookie should be stored using partitioned storage
- path (string): cookie path, use
get(name, [options])
Get a cookie value
- name (string): cookie name
- options (object):
- doNotParse (boolean): do not convert the cookie into an object no matter what
getAll([options])
Get all cookies
- options (object):
- doNotParse (boolean): do not convert the cookie into an object no matter what
set(name, value, [options])
Set a cookie value
- name (string): cookie name
- value (string|object): save the value and stringify the object if needed
- options (object): Support all the cookie options from RFC 6265
- path (string): cookie path, use
/as the path if you want your cookie to be accessible on all pages - expires (Date): absolute expiration date for the cookie
- maxAge (number): relative max age of the cookie from when the client receives it in seconds
- domain (string): domain for the cookie (sub.domain.com or .allsubdomains.com)
- secure (boolean): Is only accessible through HTTPS?
- httpOnly (boolean): Is only the server can access the cookie? Note: You cannot get or set httpOnly cookies from the browser, only the server.
- sameSite (boolean|none|lax|strict): Strict or Lax enforcement
- partitioned (boolean): Indicates that the cookie should be stored using partitioned storage
- path (string): cookie path, use
remove(name, [options])
Remove a cookie
- name (string): cookie name
- options (object): Support all the cookie options from RFC 6265
- path (string): cookie path, use
/as the path if you want your cookie to be accessible on all pages - expires (Date): absolute expiration date for the cookie
- maxAge (number): relative max age of the cookie from when the client receives it in seconds
- domain (string): domain for the cookie (sub.domain.com or .allsubdomains.com)
- secure (boolean): Is only accessible through HTTPS?
- httpOnly (boolean): Is only the server can access the cookie? Note: You cannot get or set httpOnly cookies from the browser, only the server.
- sameSite (boolean|none|lax|strict): Strict or Lax enforcement
- partitioned (boolean): Indicates that the cookie should be stored using partitioned storage
- path (string): cookie path, use
addChangeListener(callback)
Add a listener to when a cookie is set or removed.
- callback (function): Call that will be called with the first argument containing
name,valueandoptionsof the changed cookie.
removeChangeListener(callback)
Remove a listener from the change callback.
update()
Read back the cookies from the browser and triggers the change listeners. This should normally not be necessary because this library detects cookie changes automatically.
Browser Example
import Cookies from 'universal-cookie';
const cookies = new Cookies(null, { path: '/' });
cookies.set('myCat', 'Pacman');
console.log(cookies.get('myCat')); // Pacman
Server Example
import Cookies from 'universal-cookie';
const cookies = new Cookies(req.headers.cookie, { path: '/' });
console.log(cookies.get('myCat')); // Pacman or undefined if not set yet
FAQs
Universal cookies for JavaScript
The npm package universal-cookie receives a total of 1,299,765 weekly downloads. As such, universal-cookie popularity was classified as popular.
We found that universal-cookie demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 29 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025
Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
By Sarah Gooding - Jan 24, 2025