Frequently Asked Questions
Reference version: 3.0.1
JavaScript Cookie supports a Date instance to be passed in the expires attribute. That provides a lot of flexibility since a Date instance can specify any moment in time.
Take for example, when you want the cookie to expire 15 minutes from now:
var inFifteenMinutes = new Date(new Date().getTime() + 15 * 60 * 1000);
Cookies.set('foo', 'bar', {
expires: inFifteenMinutes
});
Also, you can specify fractions to expire in half a day (12 hours):
var inHalfADay = 0.5;
Cookies.set('foo', 'bar', {
expires: inHalfADay
});
Or in 30 minutes:
var in30Minutes = 1/48;
Cookies.set('foo', 'bar', {
expires: in30Minutes
});
There are a few reasons this could be happening:
HttpOnly
cookies are inaccessible to client-side JavaScript. But the restriction goes both ways: you cannot create an HttpOnly
cookie either. The following is effectively a noop:
Cookies.set('foo', 'bar', { HttpOnly: true }) // WONT'T WORK!
According to RFC 6265, which is the specification browsers implement for cookies:
Practical user agent implementations have limits on the number and size of cookies that they can store. General-use user agents SHOULD provide each of the following minimum capabilities:
- At least 4096 bytes per cookie (as measured by the sum of the length of the cookie's name, value, and attributes).
- At least 50 cookies per domain.
- At least 3000 cookies total.
We recommend to not exceed the imposed limits stated in the RFC.
Chrome does not allow you to manipulate a cookie when opening a file directly in the browser. You have to use a server that serves the response through http://
or https://
.
See https://www.cookiestatus.com for more information:
[...] the information about how these tracking protection mechanisms are deployed is all over the place: in release notes, in developer documentation, in Twitter threads, in working groups, in feature drafts, in bug patches, etc.
The purpose of the Cookie Status resource is to (attempt to) collect this information in one place for easy access and perusal.
It's not possible to remove literally all cookies from the user's browser. Some of them might have been created with a separate domain
or path
attribute than the one the user is currently in or even created with the HttpOnly
attribute and therefore they might not be visible.
What is possible is to try to remove all cookies that are visible to the user:
Object.keys(Cookies.get()).forEach(function(cookieName) {
var neededAttributes = {
// Here you pass the same attributes that were used when the cookie was created
// and are required when removing the cookie
};
Cookies.remove(cookieName, neededAttributes);
});
No. js-cookie does not support two cookies with the same name in the same domain. Unexpected things might happen, see here for details.
If you're using Chrome, check the feature "Continue where I left off". For more details, check here.
HttpOnly
cookies are inaccessible to client-side JavaScript, so check whether the cookie in question is such a cookie.
Next check whether you‘ve restricted the cookie to a particular path while writing it. Also check that the value for a given path has been valid. Something like *
isn’t and will not work the way you may think it does.
Are cookies enabled at all in the browser and no extension is blocking them?
It's not possible. Once the cookie has been written, its attributes can‘t be read out. The underlying API we‘re constraint to use doesn‘t support this: https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie
As part of tracking prevention measures browsers may cap expiration at a certain time, especially for client-side written cookies. At the time of writing this is the case for Safari (7 days/24 hours) and Brave (7 days). https://www.cookiestatus.com/ provides an overview.
js-cookie does not have an easy way to add plugins or to extend any of its functionality. And that's by design.
See this for additional information and why.
Return to Wiki Home-Page Return to General Home-Page