The name of the cookie.

The value of the cookie.

Defines the host to which the cookie will be sent.

Indicates the path that must exist in the requested URL for the browser to send the Cookie header.

The expiration time of the cookie in milliseconds since the Unix epoch. If the value is equal to or less than the current time, the cookie will be expired immediately.

The number of seconds until the cookie expires. A zero or negative number will expire the cookie immediately. If both expires and maxAge are present, maxAge has precedence.

Controls whether or not a cookie is sent with cross-site requests, providing some protection against cross-site request forgery attacks (CSRF).

• strict: The cookie will only be sent in a first-party context and not be sent with requests initiated by third party websites.
• lax: The cookie is not sent on normal cross-site sub-requests (for example to load images or frames into a third party site), but is sent when a user is navigating within the origin site (i.e. when following a link). When sameSite is not specified, this is the default behavior.
• none: The cookie will be sent in all contexts.

Forbids JavaScript from accessing the cookie, for example, through the document.cookie property.

Whether the cookie is to be used in secure contexts only, that is over HTTPS.

Indicates that the cookie should be stored using partitioned storage.