Skip to content

Frequently Asked Questions

Klaus Hartl edited this page Jan 4, 2022 · 22 revisions

Reference version: 3.0.1

How to make the cookie expire in less than a day?

JavaScript Cookie supports a Date instance to be passed in the expires attribute. That provides a lot of flexibility since a Date instance can specify any moment in time.

Take for example, when you want the cookie to expire 15 minutes from now:

var inFifteenMinutes = new Date(new Date().getTime() + 15 * 60 * 1000);
Cookies.set('foo', 'bar', {
    expires: inFifteenMinutes

Also, you can specify fractions to expire in half a day (12 hours):

var inHalfADay = 0.5;
Cookies.set('foo', 'bar', {
    expires: inHalfADay

Or in 30 minutes:

var in30Minutes = 1/48;
Cookies.set('foo', 'bar', {
    expires: in30Minutes

Why is my cookie not being set?

There are a few reasons this could be happening:

You're trying to use HttpOnly: true

HttpOnly cookies are inaccessible to client-side JavaScript. But the restriction goes both ways: you cannot create an HttpOnly cookie either. The following is effectively a noop:

Cookies.set('foo', 'bar', { HttpOnly: true }) // WONT'T WORK!

Cookie is too big or there are too many cookies in the same domain

According to RFC 6265, which is the specification browsers implement for cookies:

Practical user agent implementations have limits on the number and size of cookies that they can store. General-use user agents SHOULD provide each of the following minimum capabilities:

  • At least 4096 bytes per cookie (as measured by the sum of the length of the cookie's name, value, and attributes).
  • At least 50 cookies per domain.
  • At least 3000 cookies total.

We recommend to not exceed the imposed limits stated in the RFC.

You are using the file:// protocol

Chrome does not allow you to manipulate a cookie when opening a file directly in the browser. You have to use a server that serves the response through http:// or https://.

It's a browser tracking protection mechanism

See for more information:

[...] the information about how these tracking protection mechanisms are deployed is all over the place: in release notes, in developer documentation, in Twitter threads, in working groups, in feature drafts, in bug patches, etc.

The purpose of the Cookie Status resource is to (attempt to) collect this information in one place for easy access and perusal.

How to remove all cookies?

It's not possible to remove literally all cookies from the user's browser. Some of them might have been created with a separate domain or path attribute than the one the user is currently in or even created with the HttpOnly attribute and therefore they might not be visible.

What is possible is to try to remove all cookies that are visible to the user:

Object.keys(Cookies.get()).forEach(function(cookieName) {
  var neededAttributes = {
    // Here you pass the same attributes that were used when the cookie was created
    // and are required when removing the cookie
  Cookies.remove(cookieName, neededAttributes);

Can I set two cookies with the same name?

No. js-cookie does not support two cookies with the same name in the same domain. Unexpected things might happen, see here for details.

Why does the browser not remove the cookies after I close it?

If you're using Chrome, check the feature "Continue where I left off". For more details, check here.

Why can‘t I get a particular cookie?

HttpOnly cookies are inaccessible to client-side JavaScript, so check whether the cookie in question is such a cookie.

Next check whether you‘ve restricted the cookie to a particular path while writing it. Also check that the value for a given path has been valid. Something like * isn’t and will not work the way you may think it does.

Are cookies enabled at all in the browser and no extension is blocking them?

Why won't you let me get a cookie with a particular attribute, say path or domain?

It's not possible. Once the cookie has been written, its attributes can‘t be read out. The underlying API we‘re constraint to use doesn‘t support this:

Why is my expiration time capped at 7 days, or 24 hours?

As part of tracking prevention measures browsers may cap expiration at a certain time, especially for client-side written cookies. At the time of writing this is the case for Safari (7 days/24 hours) and Brave (7 days). provides an overview.

How to extend or add a new plugin or functionality to the library?

js-cookie does not have an easy way to add plugins or to extend any of its functionality. And that's by design.

See this for additional information and why.

Can you rewrite the library in TypeScript?

Use typescript-cookie