New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reconsider no-document-cookie
enabled by default
#2301
Comments
no-document-cookie
enabled by defaultno-document-cookie
enabled by default
no-document-cookie
enabled by defaultno-document-cookie
enabled by default
I'd just use https://github.com/js-cookie/js-cookie personally and it seems that rule agrees, so I'd say working as intended. |
the library I'm using is used on both backend and frontend which is why it doesn't have a simple |
Understandable, there is no |
no but backends often have a concept of |
Yes, but as for the rule being the default, I'd still vote to keep it so users are aware of the problems of |
I wouldn't mind if this rule was a bit smarter and it could detect if |
no-document-cookie
is enabled by default.The docs tell you to use the Cookie Store API, however this is a poor recommendation as it does not yet have wide browser support.
The docs' other suggestion is to use a cookie library which is a fine suggestion, however I am already using a cookie library. The rule seems to hard ban assigning to
document.cookie
and the library I'm using is used in the form of:This is completely safe and is the intended usage but still trips the rule anyway.
If you would prefer to keep
no-document-cookie
enabled by default, my other suggestion would be to instead make the rule smarter and allow assignments from a called imported function.The text was updated successfully, but these errors were encountered: