Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
universal-cookie
Advanced tools
The universal-cookie npm package is a JavaScript library for managing cookies in both browser and Node.js environments. It provides a simple and universal API to handle cookies, making it easier to work with cookies across server-side and client-side without changing the codebase.
Get a cookie
This feature allows you to retrieve the value of a cookie by its name. It's useful for accessing user preferences or session data stored in cookies.
const cookies = new UniversalCookie();
const myCookie = cookies.get('myCookieName');
Set a cookie
This feature enables you to create a new cookie or update an existing one with a value, path, and maximum age. It's commonly used for storing user preferences or session tokens.
const cookies = new UniversalCookie();
cookies.set('myCookieName', 'myCookieValue', { path: '/', maxAge: 3600 });
Remove a cookie
This feature allows you to delete a cookie from the browser. It's useful for logging out users or clearing session data.
const cookies = new UniversalCookie();
cookies.remove('myCookieName', { path: '/' });
js-cookie is a simple, lightweight JavaScript API for handling cookies. It provides a straightforward way to create, read, and delete cookies on the client-side. Compared to universal-cookie, js-cookie is specifically designed for browser environments and does not support server-side rendering.
cookie is a Node.js module for parsing and serializing cookies. It's designed for server-side use, allowing for easy manipulation of HTTP cookies in Node.js applications. Unlike universal-cookie, cookie does not provide a unified API for both client and server environments.
cookies is a Node.js and browser module that provides a higher-level API for managing cookies in both environments. It offers features similar to universal-cookie but with additional options for security, such as automatic signing of cookies. It's a good alternative for applications requiring enhanced security measures.
Universal cookies for JavaScript
react-cookie
- Universal cookies for Reactuniversal-cookie-express
- Hook cookies get/set on Express for server-renderingnpm install universal-cookie
constructor([cookieHeader])
Create a cookies context
get(name, [options])
Get a cookie value
getAll([options])
Get all cookies
set(name, value, [options])
Set a cookie value
/
as the path if you want your cookie to be accessible on all pagesremove(name, [options])
Remove a cookie
/
as the path if you want your cookie to be accessible on all pagesaddChangeListener(callback)
Add a listener to when a cookie is set or removed.
name
, value
and options
of the changed cookie.removeChangeListener(callback)
Remove a listener from the change callback.
import Cookies from 'universal-cookie';
const cookies = new Cookies();
cookies.set('myCat', 'Pacman', { path: '/' });
console.log(cookies.get('myCat')); // Pacman
import Cookies from 'universal-cookie';
const cookies = new Cookies(req.headers.cookie);
console.log(cookies.get('myCat')); // Pacman or undefined if not set yet
FAQs
Universal cookies for JavaScript
The npm package universal-cookie receives a total of 1,328,732 weekly downloads. As such, universal-cookie popularity was classified as popular.
We found that universal-cookie demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.