Missing cookie attributes

[angeloashmore]

Nice library! I really like the simplicity.

Is there any reason some of the attributes present in RFC 6265 were left out of CookieAttributes?

List taken from universal-cookie:

• path (string): Cookie path, use / as the path if you want your cookie to be accessible on all pages.
• expires (Date): Absolute expiration date for the cookie.
• maxAge (number): Relative max age of the cookie from when the client receives it in second.
• domain (string): Domain for the cookie (sub.domain.com or .allsubdomains.com).
• secure (boolean): Is only accessible through HTTPS?
• httpOnly (boolean): Is only accessible by HTTP(S)?

httpOnly and maxAge are not present in CookieAttributes. I don't use TypeScript, so I'm not sure if the compiled code excludes any additional properties not listed in the interface.

[theodorejb]

The expires property allows either a date or a number to be passed to choose a relative expiration, so I don't think a separate maxAge option is necessary.

As I understand it, the HttpOnly attribute prevents cookies from being accessed via document.cookie (which this library uses). I'm not sure there's a way to create a cookie on the client-side that can then only be accessed on the server.

[jsommr]

I think this issue can be closed. There's no way to set httpOnly and expires seems to already be taken care of. See https://github.com/carhartl/jquery-cookie/issues/122 and https://stackoverflow.com/questions/14691654/set-a-cookie-to-httponly-via-javascript regarding httpOnly.