Skip to main content
Deno 2 is finally here 🎉️
Learn more
Go to Latest
The Standard Library has been moved to JSR. See the blog post for details.
Deprecated
import * as mod from "https://deno.land/std@0.212.0/http/unstable_cookie_map.ts";

Provides a iterable map interfaces for managing cookies server side.

Examples

To access the keys in a request and have any set keys available for creating a response:

import {
  CookieMap,
  mergeHeaders
} from "https://deno.land/std@0.212.0/http/unstable_cookie_map.ts";

const request = new Request("https://localhost/", {
  headers: { "cookie": "foo=bar; bar=baz;"}
});

const cookies = new CookieMap(request, { secure: true });
console.log(cookies.get("foo")); // logs "bar"
cookies.set("session", "1234567", { secure: true });

const response = new Response("hello", {
  headers: mergeHeaders({
    "content-type": "text/plain",
  }, cookies),
});

To have automatic management of cryptographically signed cookies, you can use the SecureCookieMap instead of CookieMap. The biggest difference is that the methods operate async in order to be able to support async signing and validation of cookies:

import {
  SecureCookieMap,
  mergeHeaders,
  type KeyRing,
} from "https://deno.land/std@0.212.0/http/unstable_cookie_map.ts";

const request = new Request("https://localhost/", {
  headers: { "cookie": "foo=bar; bar=baz;"}
});

// The keys must implement the `KeyRing` interface.
declare const keys: KeyRing;

const cookies = new SecureCookieMap(request, { keys, secure: true });
console.log(await cookies.get("foo")); // logs "bar"
// the cookie will be automatically signed using the supplied key ring.
await cookies.set("session", "1234567");

const response = new Response("hello", {
  headers: mergeHeaders({
    "content-type": "text/plain",
  }, cookies),
});

In addition, if you have a Response or Headers for a response at construction of the cookies object, they can be passed and any set cookies will be added directly to those headers:

import { CookieMap } from "https://deno.land/std@0.212.0/http/unstable_cookie_map.ts";

const request = new Request("https://localhost/", {
  headers: { "cookie": "foo=bar; bar=baz;"}
});

const response = new Response("hello", {
  headers: { "content-type": "text/plain" },
});

const cookies = new CookieMap(request, { response });
console.log(cookies.get("foo")); // logs "bar"
cookies.set("session", "1234567");

Classes

c
CookieMap
deprecated

Provides a way to manage cookies in a request and response on the server as a single iterable collection.

c
SecureCookieMap
deprecated

Provides an way to manage cookies in a request and response on the server as a single iterable collection, as well as the ability to sign and verify cookies to prevent tampering.

Variables

Symbol which is used in mergeHeaders to extract a [string | string][] from an instance to generate the final set of headers.

Functions

f
mergeHeaders
deprecated

Allows merging of various sources of headers into a final set of headers which can be used in a Response.

Interfaces

I
CookieMapOptions
deprecated
I
Headered
deprecated

An object which contains a headers property which has a value of an instance of Headers, like Request and Response.

I
KeyRing
deprecated

An interface which describes the methods that SecureCookieMap uses to sign and verify cookies.

I
Mergeable
deprecated

Type Aliases

T
Data
deprecated

Types of data that can be signed cryptographically.