noDocumentCookie

JavaScript (and super languages)

Summary

Section titled Summary

• Rule available since: v1.9.4
• Diagnostic Category: lint/nursery/noDocumentCookie
• This rule doesn’t have a fix.
• The default severity of this rule is information.
• Sources:
  • Same as unicorn/no-document-cookie

Caution

This rule is part of the nursery group.

Description

Section titled Description

Disallow direct assignments to document.cookie.

It’s not recommended to use document.cookie directly as it’s easy to get the string wrong. Instead, you should use the Cookie Store API.

Examples

Section titled Examples

Invalid

Section titled Invalid

document.cookie = "foo=bar";

code-block.js:1:1 lint/nursery/noDocumentCookie ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  ℹ Direct assigning to document.cookie is not recommended.
  
  > 1 │ document.cookie = “foo=bar”;
      │ ^^^^^^^^^^^^^^^^^^^^^^^^^^^
    2 │ 
  
  ℹ Consider using the Cookie Store API.
  

document.cookie += "; foo=bar";

code-block.js:1:1 lint/nursery/noDocumentCookie ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

  ℹ Direct assigning to document.cookie is not recommended.
  
  > 1 │ document.cookie += ”; foo=bar”;
      │ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    2 │ 
  
  ℹ Consider using the Cookie Store API.
  

Valid

Section titled Valid

const array = document.cookie.split("; ");

await cookieStore
  .set({
    name: "foo",
    value: "bar",
    expires: Date.now() + 24 * 60 * 60,
    domain: "example.com",
})

import Cookies from 'js-cookie';

Cookies.set('foo', 'bar');

How to configure

Section titled How to configure

biome.json

{
  "linter": {
    "rules": {
      "nursery": {
        "noDocumentCookie": "error"
      }
    }
  }
}

Related links

Section titled Related links

• Disable a rule
• Configure the rule fix
• Rule options