npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@boiseitguru/cookie-cutter

v0.3.1

Published

Browserify-compatible module to get and set cookies in the browser

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

boiseitguruboiseitguru

Keywords

cookiebrowserbrowserify

Readme

cookie-cutter

npm version bundle size

Tiny, dependency-free helper for reading and writing cookies in browsers or any environment that exposes a document-style interface.

Table of Contents

Features

  • Zero runtime dependencies and ES5-friendly source so it bundles cleanly with legacy toolchains.
  • Works in browsers, Browserify-style bundles, and Node.js when you provide a document stub.
  • Built-in TypeScript declarations with the same API shape as the JavaScript module.
  • Partitioned CHIPS attribute support plus SameSite guardrails to keep you aligned with current browser requirements.

Release Highlights (0.3.x)

  • Adds the partitioned attribute so cookies can opt into CHIPS while matching Mozilla’s Set-Cookie guidance.
  • Warns when SameSite: "None" is paired without secure: true and provides cookie.configure({ suppressInsecureSameSiteNoneWarning: true }) to silence the warning in local HTTP setups.
  • Introduces a top-level cookie.clear helper (including TypeScript declarations) and guarantees deletes force Max-Age=0.
  • Extends serialization to cover HttpOnly, Max-Age, and SameSite attributes so emitted cookies reflect modern browser expectations.

Installation

npm install @boiseitguru/cookie-cutter

Quick Start

// CommonJS
var cookie = require("@boiseitguru/cookie-cutter");

var visits = parseInt(cookie.get("visits"), 10) || 0;
cookie.set("visits", visits + 1, { path: "/" });
// ES Modules (modern bundlers)
import cookie from "@boiseitguru/cookie-cutter";

const visits = Number(cookie.get("visits") || 0) + 1;
cookie.set("visits", String(visits), { path: "/" });

API Reference

cookie(document?: Document | string)

Creates a cookie controller bound to the supplied document or cookie string. If no argument is given, an empty cookie jar is created. When you import/require the module in a browser, the default export is already bound to the global document, so you can call cookie.get, cookie.set, and cookie.clear directly as shown in the Quick Start.

cookie.get(key: string): string | undefined

Returns the value stored for key, or undefined if the cookie is not set.

cookie.set(key: string, value: string, options?: CookieOptions): string

Serializes key=value with any supplied cookie attributes, assigns it to document.cookie, and returns the serialized string. When options.SameSite === "None" and options.secure is not true, a warning is printed to console.warn to anticipate upcoming enforcement. Setting options.partitioned === true appends the Partitioned attribute.

cookie.clear(key: string, options?: CookieOptions): string

Clears the cookie for key by delegating to set with an expiry in the past and Max-Age = 0. Pass the same options you used when setting the cookie (such as path or domain) so the browser targets the correct cookie.

cookie.configure(options: CookieConfig): void

Adjusts global defaults for future cookie operations, such as silencing SameSite warnings during local development.

type CookieConfig = {
  suppressInsecureSameSiteNoneWarning?: boolean;
};
  • suppressInsecureSameSiteNoneWarning: When true, disables the warning emitted by cookie.set for SameSite: "None" cookies missing the secure flag. Useful for non-production development over HTTP.

Cookie Options

| Option | Type | Description | |-------------|------------------|------------------------------------------------------------------------------------------------------| | expires | Date | Sets the cookie expiry date. | | path | string | Restricts the cookie to a particular path. | | domain | string | Restricts the cookie to a particular domain. | | secure | boolean | Marks the cookie as secure-only. Required by browsers when SameSite is "None". | | HttpOnly | boolean | Adds the HttpOnly attribute. | | MaxAge | number | Sets the cookie lifetime (in seconds) via Max-Age. | | SameSite | "Strict" \| "Lax" \| "None" | Controls cross-site cookie behavior. | | partitioned | boolean | Appends the Partitioned attribute for CHIPS storage (requires secure: true in supporting browsers). |

Examples

Partitioned SameSite=None Cookie

var cookie = require("@boiseitguru/cookie-cutter");
var api = cookie(document);

api.set("session", "abc123", {
  secure: true,
  SameSite: "None",
  partitioned: true
});

This combination satisfies current Mozilla Set-Cookie expectations for partitioned cookies.

Suppressing Warnings During Local Development

var cookie = require("@boiseitguru/cookie-cutter");

cookie.configure({ suppressInsecureSameSiteNoneWarning: true });
var api = cookie({ cookie: "" });

api.set("token", "dev-only", { SameSite: "None" });

TypeScript

Type definitions ship with the package. Import the module using either default or CommonJS syntax and enjoy auto-complete for cookie options, including partitioned and SameSite.

import cookie = require("@boiseitguru/cookie-cutter");

const api = cookie();
api.set("theme", "dark", { SameSite: "Lax", MaxAge: 300 });

Testing

Run the Tape test suite:

npm test

Contributing

  • Keep the ES5 coding style: two-space indentation, var declarations, double-quoted strings, and explicit semicolons.
  • Update TypeScript declarations whenever the runtime API changes.
  • Add focused tests alongside functional changes so behavior stays locked down.

Project Origins & Credits

This repository preserves the original cookie-cutter module by James Halliday (substack) to ensure ongoing availability, with TypeScript support and modern cookie attribute updates maintained here.

License

MIT. See the LICENSE file for details.