unicorn/no-document-cookie

What it does

Disallow direct use of document.cookie.

Why is this bad?

It's not recommended to use document.cookie directly as it's easy to get the string wrong. Instead, you should use the Cookie Store API or a cookie library.

Examples

Examples of incorrect code for this rule:

javascript

document.cookie = "foo=bar"
  + "; Path=/"
  + "; Domain=example.com"
  + "; expires=Fri, 31 Dec 9999 23:59:59 GMT"
  + "; Secure";

Examples of correct code for this rule:

javascript

async function storeCookies() {
  await cookieStore.set({
    name: "foo",
    value: "bar",
    expires: Date.now() + 24 * 60 * 60 * 1000,
    domain: "example.com",
  });
}

How to use

To enable this rule in the CLI or using the config file, you can use:

CLIConfig (.oxlintrc.json)

bash

oxlint --deny unicorn/no-document-cookie

json

{
  "rules": {
    "unicorn/no-document-cookie": "error"
  }
}

References

Rule Source

unicorn/no-document-cookie Restriction ​

What it does ​

Why is this bad? ​

Examples ​

How to use ​

References ​

unicorn/no-document-cookie Restriction

What it does

Why is this bad?

Examples

How to use

References