npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

browser-cookie-utils

v2.0.0

Published

Lightweight, dependency-free JavaScript helpers for getting, setting, and deleting browser cookies with modern browser support.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

samiahmedsiddiquisamiahmedsiddiqui

Keywords

cookiecookiesbrowserutilssamesitesecurefrontendweb

Readme

browser-cookie-utils

License: MIT NPM version Build Downloads

Lightweight, dependency-free JavaScript helpers for getting, setting, and deleting browser cookies safely and consistently in modern browsers.

Features

  • Zero runtime dependencies
  • Browser-only (no Node.js required in production)
  • Simple, ergonomic API
  • Cookie expiration with time units
  • Multi-domain cookie support
  • Automatic Secure flag on HTTPS
  • SameSite support (Lax, Strict, None)
  • Path customization
  • Safe encoding / decoding

Installation

NPM (Modern ESM / CJS)

npm install browser-cookie-utils@2

ESM import (modern bundlers):

import { setCookie, getCookie, deleteCookie } from 'browser-cookie-utils';

Do not use global object browserCookieUtils.

CJS import (Node.js / legacy bundlers):

const browserCookieUtils = require('browser-cookie-utils');

UMD / Browser Script Tag

<script src="https://cdn.jsdelivr.net/npm/browser-cookie-utils/dist/browser-cookie-utils.umd.js"></script>

jsDelivr CDN (Latest)

<script src="https://cdn.jsdelivr.net/npm/browser-cookie-utils/dist/browser-cookie-utils.umd.js"></script>

Available Builds

| File | Format | Notes | | --------------------------------- | ---------- | --------------------------------------- | | browser-cookie-utils.js | ESM | Non-minified, modern bundlers | | browser-cookie-utils.min.js | ESM | Minified, production-ready | | browser-cookie-utils.cjs.js | CJS | Non-minified, Node.js / CommonJS | | browser-cookie-utils.cjs.min.js | CJS | Minified, production-ready | | browser-cookie-utils.umd.js | UMD | Legacy browsers / script tag & CommonJS | | browser-cookie-utils.min.js.map | Source map | For minified ESM |

Note: The library attaches itself to window.browserCookieUtils in the browser.

Usage

Set a cookie (basic)

browserCookieUtils.setCookie('theme', 'dark');

Creates a cookie with:

  • 1 hour expiration
  • path=/
  • SameSite=Lax
  • Secure (automatically on HTTPS)

Set a cookie with options

browserCookieUtils.setCookie('session', 'abc123', {
  timeToLive: 2,
  unit: 'hour'
});

Supported units:

  • hour
  • day
  • month (30 days)

Set cookie with full configuration

browserCookieUtils.setCookie('user', 'sami', {
  timeToLive: 7,
  unit: 'day',
  domains: ['example.com', '.example.org'],
  path: '/',
  sameSite: 'Lax',
  secure: true
});

Available options

| Option | Type | Default | Description | | ------------ | ---------- | ---------------- | ------------------------ | | timeToLive | number | 1 | Expiration duration | | unit | string | hour | hour, day, month | | domains | string[] | current hostname | Domains to set cookie on | | path | string | / | Cookie path | | sameSite | string | Lax | Lax, Strict, None | | secure | boolean | auto | Forced Secure flag |

Cross-site cookies (SameSite=None)

browserCookieUtils.setCookie('crossSite', 'true', {
  sameSite: 'None',
  secure: true
});

⚠️ Browsers require Secure when using SameSite=None.

Get a cookie

const theme = browserCookieUtils.getCookie('theme');

Returns:

  • string if found
  • null if not found

Delete a cookie

browserCookieUtils.deleteCookie('theme');

Delete with options (recommended)

browserCookieUtils.deleteCookie('user', {
  domains: ['example.com'],
  path: '/',
  sameSite: 'Lax',
  secure: true
});

⚠️ For deletion to succeed, domain, path, secure, and sameSite must match the original cookie.

Migration Guide (v1.x → v2.0.0)

Version 2.0.0 introduces a breaking API change to improve flexibility and align with modern browser cookie requirements.

What changed?

The setCookie and deleteCookie functions now accept an options object instead of positional arguments.

setCookie migration

Before (v1.x):

browserCookieUtils.setCookie('theme', 'dark', 2, 'day', ['.example.com']);

After (v2.0.0):

browserCookieUtils.setCookie('theme', 'dark', {
  timeToLive: 2,
  unit: 'day',
  domains: ['.example.com']
});

deleteCookie migration

Before (v1.x):

browserCookieUtils.deleteCookie('theme', ['.example.com']);

After (v2.0.0):

browserCookieUtils.deleteCookie('theme', {
  domains: ['.example.com']
});

Why the change?

  • Clearer, self-documenting API
  • Easier future extensions
  • Better alignment with modern cookie attributes (SameSite, Secure, path)

If you need the old behavior, continue using v1.x, which remains stable.

Security behavior

  • Automatically adds Secure on HTTPS
  • Supports modern SameSite rules
  • Uses encodeURIComponent / decodeURIComponent
  • Sets path=/ by default
  • Does not set HttpOnly (not possible via JavaScript)

Browser support

  • All modern evergreen browsers
  • Works without polyfills
  • No reliance on deprecated APIs

License

MIT © Sami Ahmed Siddiqui