Get and set the cookies associated with the current document in browser.
// Get a cookie cookie(name) -> String // Set a cookie cookie(name, value, [ttl], [path], [domain], [secure]) -> String
String- The name of the cookie.
String- The value of the cookie.
Number, optional- Time to live in seconds. If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes). If set to negative, the cookie is deleted.
String, optional- The path in which the cookie will be available on. If set to ‘/’, the cookie will be available within the entire domain. If set to ‘/foo/’, the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current path of the current document location.
String, optional- The domain that the cookie is available to. (e.g., ‘example.com’, ‘.example.com’ (includes all subdomains), ‘subdomain.example.com’) If not specified, defaults to the host portion of the current document location.
String, optional- Indicates that the cookie should only be transmitted over a secure HTTPS connection from the client.
// simple set cookie("test", "a") // complex set - cookie(name, value, ttl, path, domain, secure) cookie("test", "a", 60*60*24, "/api", "*.example.com", true) // get cookie("test") // destroy cookie("test", "", -1)
This implementation returns always a string, so unset cookie and cookie set to empty string are equal.
You SHOULD use as few and as small cookies as possible to minimize network bandwidth due to the Cookie header being included in every request.
Unless sent over a secure channel (such as HTTPS), the information in cookies is transmitted in the clear text.
RFC 2109 section 6.3 recommended minimum limitations:
Setting more than 20 cookies per host may results in the oldest cookie being lost.
RFC 6265 raises limits for at least 50 cookies per domain and 3000 cookies total.
Have an update or suggestion for this note? You can edit it and send me a pull request.
Since 2013 to 2015