Home

documentcookie

Document.cookie is a property of the Document interface in web browsers that provides read and write access to cookies associated with the current document. It functions as both a getter and a setter for cookies that are accessible to the script’s origin and path.

Reading cookies: Accessing document.cookie returns a single string containing all cookies visible to the current script.

Writing cookies: Assigning to document.cookie creates or updates a cookie. The value should be a string in

Limitations and security: Cookies are sent with every HTTP request to the matching domain, which can affect

The
string
is
composed
of
name=value
pairs
separated
by
semicolons.
Not
all
cookies
are
visible;
HttpOnly
cookies
cannot
be
read
via
document.cookie,
and
cookies
limited
by
path
or
domain
restrictions
may
be
omitted.
the
form
"name=value"
and
may
include
optional
attributes
such
as
Expires
or
Max-Age,
Domain,
Path,
Secure,
and
SameSite.
Examples
include:
document.cookie
=
"username=JohnDoe";
and
document.cookie
=
"sessionToken=abc123;
Max-Age=3600;
Path=/;
Secure;
SameSite=Strict".
To
delete
a
cookie,
set
Max-Age
to
0
or
Expires
to
a
past
date
for
that
cookie’s
scope.
The
cookie’s
scope
is
determined
by
Domain
and
Path,
and
only
cookies
matching
the
current
page’s
domain
and
path
are
accessible.
performance.
There
is
a
per-cookie
size
limit
(roughly
4
KB)
and
a
limit
on
the
number
of
cookies
per
domain.
HttpOnly
cookies
cannot
be
read
via
document.cookie
and
must
be
set
by
the
server.
Secure
cookies
are
transmitted
only
over
HTTPS.
SameSite
helps
mitigate
cross-site
request
forgery.
For
larger
storage
needs,
other
Web
Storage
APIs
such
as
localStorage
or
sessionStorage
are
available,
offering
different
lifetimes
and
scopes.