Back to Explore

jshttp/cookie

GitHub
1 watchersOpen source

Last release: 6 months ago

cookie is a basic JavaScript (Node.js) HTTP cookie parser and serializer. It helps you parse Cookie and Set-Cookie header strings into objects, and stringify those objects back into header values, with options for encoding and decoding.

Project status

  • The upstream repository appears actively maintained, with a very recent push recorded on 2026-06-01, and multiple recent versioned updates in late 2025.
  • The apparent update cadence shows a short burst in 2025 (v1.1.1 and v1.1.0 within about one day), followed by a longer quieter period (next listed update is v1.0.2 from 2024-11-20).

AI summary generated Today

AI-generated from public sources. May be inaccurate. Report

Recent updates

  • v1.1.1

    6 months ago

    Release v1.1.1 contains a targeted fix to cookie value handling when users pass options that include a value field. The change ensures the explicit value argument to stringifySetCookie takes precedence over options.value.

  • v1.1.0

    6 months ago

    v1.1.0 introduces new cookie utilities, including `parseCookie`/`stringifyCookie` for `Cookie` headers and `parseSetCookie` (plus set-cookie stringification, per the rename). It also renames existing APIs for clarity while keeping the old method names for backward compatibility.

    Features

  • v1.0.2

    11/20/2024

    v1.0.2 loosens cookie name and cookie value validation to allow a wider range of characters, addressing issue #191. It also fixes the `options.priority` fallback logic so it no longer incorrectly derives priority from `options.sameSite`. README was updated with an import example.

    Features

  • v1.0.1

    10/11/2024

    Release v1.0.1 updates cookie serialization to accept case-insensitive values for the `priority` and `sameSite` options. It also adds corresponding unit tests and tweaks parse benchmarks.

    Features

  • v1.0.0

    10/8/2024

    v1.0.0 is a major rewrite that ships TypeScript types and modernizes the module build, raising the minimum Node.js version to 18. The core cookie parsing and serialization logic was moved into TypeScript, and parsing behavior was refactored to delegate decode-related concerns to the provided decode function.

    BreakingFeatures

  • v0.7.2

    10/7/2024

    v0.7.2 contains a small fix related to `hasOwnProperty` usage during cookie parsing. The change hardens the `parse` function to reliably detect whether a key was already assigned, avoiding issues if `obj.hasOwnProperty` is missing or overwritten.

  • v0.7.1

    10/3/2024

    Release v0.7.1 mainly fixes cookie handling around domain attributes and improves parsing/serialization performance. The changes include allowing leading dots in domain values and optimizing code paths in `serialize`, while also improving `parse` correctness around object property handling.

  • v0.7.0

    10/2/2024

    v0.7.0 focuses on improving cookie header parsing performance and aligning cookie validation with RFC 6265. It also adds the `main` entry to `package.json` to support tooling compatibility (rspack).

    Breaking

  • v0.6.0

    11/21/2023

    Release v0.6.0 adds support for a new `partitioned` option when calling `cookie.serialize()`, which conditionally emits the `Partitioned` attribute in the resulting `Set-Cookie` header. The code diff also includes CI/workflow and development dependency updates, but the release notes only mention the `partitioned` option.

    Features

  • v0.5.0

    4/11/2022

    v0.5.0 adds support for the Set-Cookie Priority attribute via a new `priority` option. It also tightens validation for `expires` (rejecting invalid dates) and improves performance in cookie parsing and default URL decoding.

    BreakingFeatures