Interface CookieOptions

Defines the host to which the cookie will be sent.

Only the current domain can be set as the value, or a domain of a higher order, unless it is a public suffix. Setting the domain will make the cookie available to it, as well as to all its subdomains.

If omitted, this attribute defaults to the host of the current document URL, not including subdomains.

Leading dots in domain names (.example.com) are ignored.

Multiple host/domain values are not allowed, but if a domain is specified, then subdomains are always included.

Indicates the maximum lifetime of the cookie as an HTTP-date timestamp. See Date for the required formatting.

Forbids JavaScript from accessing the cookie, for example, through the document.cookie property.

Indicates that the cookie should be stored using partitioned storage. Note that if this is set to true, isSecure must also be set to true. See Cookies Having Independent Partitioned State (CHIPS) for more details.

Indicates that the cookie is sent to the server only when a request is made with the https: scheme (except on localhost).

Indicates the number of seconds until the cookie expires. A zero or negative number will expire the cookie immediately.

If both expiresAt and maxAge are set, maxAge has precedence.

Indicates the path that must exist in the requested URL for the browser to send the Cookie header.

Controls whether or not a cookie is sent with cross-site requests: that is, requests originating from a different site, including the scheme, from the site that set the cookie.