Skip to content

nfriedly/set-cookie-parser

BranchesTags

Repository files navigation

set-cookie-parser

Node.js CI NPM version npm downloads

Parses set-cookie headers into JavaScript objects

Accepts a single set-cookie header value, an array of set-cookie header values, a Node.js response object, or a fetch() Response object that may have 0 or more set-cookie headers.

Returns either an array of cookie objects or a map of name => cookie object with options set {map: true}. Each cookie object will have, at a minimum name and value properties, and may have additional properties depending on the set-cookie header:

  • name - cookie name (string)
  • value - cookie value (string)
  • path - URL path to limit the scope to (string or undefined)
  • domain - domain to expand the scope to (string or undefined, may begin with "." to indicate the named domain or any subdomain of it)
  • expires - absolute expiration date for the cookie (Date object or undefined)
  • maxAge - relative expiration time of the cookie in seconds from when the client receives it (integer or undefined)
  • secure - indicates cookie should only be sent over HTTPs (true or undefined)
  • httpOnly - indicates cookie should not be accessible to client-side JavaScript (true or undefined)
  • sameSite - indicates if cookie should be included in cross-site requests (more info) (string or undefined)
    • Note: valid values are "Strict", "Lax", and "None", but set-cookie-parser copies the value verbatim and does not perform any validation.
  • partitioned - indicates cookie should be scoped to the combination of 3rd party domain + top page domain (more info) (true or undefined)

(The output format is loosely based on the input format of https://www.npmjs.com/package/cookie)

Install

$ npm install --save set-cookie-parser

Usage

Get array of cookie objects

import * as http from 'node:http';
import { parseSetCookie } from 'set-cookie-parser';
// or const { parseSetCookie } = require('set-cookie-parser');

http.get('http://example.com', function(res) {
  const cookies = parseSetCookie(res, {
    decodeValues: true  // default: true
  });

  cookies.forEach(console.log);
}

Example output:

[
    {
        name: 'bam',
        value: 'baz'
    },
    {
        name: 'foo',
        value: 'bar',
        path: '/',
        expires: new Date('Tue Jul 01 2025 06:01:11 GMT-0400 (EDT)'),
        maxAge: 1000,
        domain: '.example.com',
        secure: true,
        httpOnly: true,
        sameSite: 'lax'
    }
]

Get map of cookie objects

import * as http from 'node:http';
import { parseSetCookie } from 'set-cookie-parser';
// or const { parseSetCookie } = require('set-cookie-parser');

http.get('http://example.com', function(res) {
  const cookies = parseSetCookie(res, {
    decodeValues: true,  // default: true
    map: true            // default: false
  });

  const desiredCookie = cookies['session'];
  console.log(desiredCookie);
});

Example output:

{
    bam: {
        name: 'bam',
        value: 'baz'
    },
    foo: {
        name: 'foo',
        value: 'bar',
        path: '/',
        expires: new Date('Tue Jul 01 2025 06:01:11 GMT-0400 (EDT)'),
        maxAge: 1000,
        domain: '.example.com',
        secure: true,
        httpOnly: true,
        sameSite: 'lax'
    }
}

Creating a new, modified set-cookie header

This library can be used in conjunction with the cookie library to modify and replace set-cookie headers:

import * as libCookie from 'cookie';
import { parseSetCookie } from 'set-cookie-parser';
// or const { parseSetCookie } = require('set-cookie-parser');

function modifySetCookie(res){
  // parse the set-cookie headers with this library
  const cookies = parseSetCookie(res);
  
  // modify the cookies here
  // ...
  
  // create new set-cookie headers using the cookie library
  res.headers['set-cookie'] = cookies.map(function(cookie) {
      return libCookie.serialize(cookie.name, cookie.value, cookie);
  });
}

See a real-world example of this in unblocker

API

parseSetCookie(input, [options])

Parses cookies from a string, array of strings, or a http response object. Always returns an array, regardless of input format. (Unless the map option is set, in which case it always returns an object.)

Also accepts an optional options object. Defaults:

{
    decodeValues: true, // Calls decodeURIComponent on each value - default: true
    map: false,         // Return an object instead of an array - default: false
    silent: false,      // Suppress the warning that is logged when called on a request instead of a response - default: false
    split: 'auto',      // Separate combined cookie headers. Valid options are true/false/'auto'. 'auto' splits strings but not arrays.
}

References

License

MIT © Nathan Friedly

About

Parse HTTP set-cookie headers in JavaScript

www.npmjs.com/package/set-cookie-parser

Topics

nodejs javascript http parser react-native cookie header cookies headers

Resources

Readme

License

MIT license
Activity

Stars

194 stars

Watchers

1 watching

Forks

22 forks
Report repository

Releases

34 tags

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 18
+ 4 contributors

Languages