CookieSetSettings: CookieScope & {
    expires?: Date | ITimeSpan | null;
    httpOnly?: boolean;
    maxAge?: number | ITimeSpan | null;
    partitioned?: boolean;
    prefix?: "secure" | "host" | null;
    priority?: "Low" | "Medium" | "High" | null;
    sameSite?: "Strict" | "Lax" | "None";
}

Settings for configuring a Set-Cookie header.

IMPORT_PATH: "@daiso-tech/core/http-router/contracts"

Type declaration

  • Optionalexpires?: Date | ITimeSpan | null

    The Expires attribute — when the cookie should be removed. Accepts a Date or an ITimeSpan (relative from now).

    nullomitted from the cookie
    
  • OptionalhttpOnly?: boolean

    The HttpOnly attribute — when true, the cookie is inaccessible to JavaScript.

    falseomitted from the cookie
    
  • OptionalmaxAge?: number | ITimeSpan | null

    The Max-Age attribute — lifetime in seconds. Accepts a raw number or an ITimeSpan.

    nullomitted from the cookie
    
  • Optionalpartitioned?: boolean

    The Partitioned attribute — when true, the cookie is stored using partitioned storage (CHIPS), scoped to the top-level site.

    falseomitted from the cookie
    
  • Optionalprefix?: "secure" | "host" | null

    Cookie name prefix that browsers use to enforce additional security:

    • "secure" — the __Secure- prefix, requires Secure and rejects Domain.
    • "host" — the __Host- prefix, requires Secure, Path=/, and rejects Domain.
    nullomitted from the cookie
    
  • Optionalpriority?: "Low" | "Medium" | "High" | null

    The Priority attribute — hints to the browser which cookies to evict first.

    nullomitted from the cookie
    
  • OptionalsameSite?: "Strict" | "Lax" | "None"

    The SameSite attribute — controls cross-site request behaviour.

    • "Strict" — only sent for same-site requests.
    • "Lax" — sent for same-site and top-level navigation GET requests.
    • "None" — sent for all requests (requires Secure).
    "Lax"