Skip to content

Latest commit

 

History

History
44 lines (33 loc) · 1.06 KB

no-document-cookie.md

File metadata and controls

44 lines (33 loc) · 1.06 KB

Do not use document.cookie directly

💼 This rule is enabled in the ✅ recommended config.

It's not recommended to use document.cookie directly as it's easy to get the string wrong. Instead, you should use the Cookie Store API or a cookie library.

Fail

document.cookie =
	'foo=bar' +
	'; Path=/' +
	'; Domain=example.com' +
	'; expires=Fri, 31 Dec 9999 23:59:59 GMT' +
	'; Secure';
document.cookie += '; foo=bar';

Pass

await cookieStore.set({
	name: 'foo',
	value: 'bar',
	expires: Date.now() + 24 * 60 * 60 * 1000,
	domain: 'example.com'
});
const array = document.cookie.split('; ');
import Cookies from 'js-cookie';

Cookies.set('foo', 'bar');