npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

set-cookie-parser

v3.0.1

Published

Parses set-cookie headers into objects

Downloads

75,571,669

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

nfriedlynfriedly

Keywords

set-cookiesetcookiecookiesheaderparseparser

Readme

set-cookie-parser

Node.js CI NPM version npm downloads

Parses set-cookie headers into JavaScript objects

Accepts a single set-cookie header value, an array of set-cookie header values, a Node.js response object, or a fetch() Response object that may have 0 or more set-cookie headers.

Returns either an array of cookie objects or a map of name => cookie object with options set {map: true}. Each cookie object will have, at a minimum name and value properties, and may have additional properties depending on the set-cookie header:

  • name - cookie name (string)
  • value - cookie value (string)
  • path - URL path to limit the scope to (string or undefined)
  • domain - domain to expand the scope to (string or undefined, may begin with "." to indicate the named domain or any subdomain of it)
  • expires - absolute expiration date for the cookie (Date object or undefined)
  • maxAge - relative expiration time of the cookie in seconds from when the client receives it (integer or undefined)
  • secure - indicates cookie should only be sent over HTTPs (true or undefined)
  • httpOnly - indicates cookie should not be accessible to client-side JavaScript (true or undefined)
  • sameSite - indicates if cookie should be included in cross-site requests (more info) (string or undefined)
    • Note: valid values are "Strict", "Lax", and "None", but set-cookie-parser copies the value verbatim and does not perform any validation.
  • partitioned - indicates cookie should be scoped to the combination of 3rd party domain + top page domain (more info) (true or undefined)

(The output format is loosely based on the input format of https://www.npmjs.com/package/cookie)

Install

$ npm install --save set-cookie-parser

Usage

Get array of cookie objects

import * as http from 'node:http';
import { parseSetCookie } from 'set-cookie-parser';
// or const { parseSetCookie } = require('set-cookie-parser');

http.get('http://example.com', function(res) {
  const cookies = parseSetCookie(res, {
    decodeValues: true  // default: true
  });

  cookies.forEach(console.log);
}

Example output:

[
    {
        name: 'bam',
        value: 'baz'
    },
    {
        name: 'foo',
        value: 'bar',
        path: '/',
        expires: new Date('Tue Jul 01 2025 06:01:11 GMT-0400 (EDT)'),
        maxAge: 1000,
        domain: '.example.com',
        secure: true,
        httpOnly: true,
        sameSite: 'lax'
    }
]

Get map of cookie objects

import * as http from 'node:http';
import { parseSetCookie } from 'set-cookie-parser';
// or const { parseSetCookie } = require('set-cookie-parser');

http.get('http://example.com', function(res) {
  const cookies = parseSetCookie(res, {
    decodeValues: true,  // default: true
    map: true            // default: false
  });

  const desiredCookie = cookies['session'];
  console.log(desiredCookie);
});

Example output:

{
    bam: {
        name: 'bam',
        value: 'baz'
    },
    foo: {
        name: 'foo',
        value: 'bar',
        path: '/',
        expires: new Date('Tue Jul 01 2025 06:01:11 GMT-0400 (EDT)'),
        maxAge: 1000,
        domain: '.example.com',
        secure: true,
        httpOnly: true,
        sameSite: 'lax'
    }
}

Creating a new, modified set-cookie header

This library can be used in conjunction with the cookie library to modify and replace set-cookie headers:

import * as libCookie from 'cookie';
import { parseSetCookie } from 'set-cookie-parser';
// or const { parseSetCookie } = require('set-cookie-parser');

function modifySetCookie(res){
  // parse the set-cookie headers with this library
  const cookies = parseSetCookie(res);
  
  // modify the cookies here
  // ...
  
  // create new set-cookie headers using the cookie library
  res.headers['set-cookie'] = cookies.map(function(cookie) {
      return libCookie.serialize(cookie.name, cookie.value, cookie);
  });
}

See a real-world example of this in unblocker

API

parseSetCookie(input, [options])

Parses cookies from a string, array of strings, or a http response object. Always returns an array, regardless of input format. (Unless the map option is set, in which case it always returns an object.)

Also accepts an optional options object. Defaults:

{
    decodeValues: true, // Calls decodeURIComponent on each value - default: true
    map: false,         // Return an object instead of an array - default: false
    silent: false,      // Suppress the warning that is logged when called on a request instead of a response - default: false
    split: 'auto',      // Separate combined cookie headers. Valid options are true/false/'auto'. 'auto' splits strings but not arrays.
}

References

License

MIT © Nathan Friedly