Summary
deleteCookie(headers, name, attrs) supports path at runtime, and path matching is needed to delete a path-scoped cookie. However, the TypeScript declaration for the third argument exposes { name?: string, domain?: string }, so TypeScript rejects { path: '/' } while accepting { name: '...' }, which is not consumed by the runtime attributes object.
Steps to reproduce
import { Headers, deleteCookie } from 'undici'
const headers = new Headers()
deleteCookie(headers, 'session', { domain: 'example.com', path: '/' })
// @ts-expect-error `name` should not be a deleteCookie attribute.
deleteCookie(headers, 'session', { domain: 'example.com', name: 'session' })
Compile with strict TypeScript settings against Undici's declarations.
Expected behavior
TypeScript should allow:
deleteCookie(headers, 'session', { domain: 'example.com', path: '/' })
and should reject name inside the attributes object, since the cookie name is already the second positional argument.
Actual behavior
TypeScript reports:
'path' does not exist in type '{ name?: string | undefined; domain?: string | undefined; }'
The @ts-expect-error on name is unused, meaning TypeScript currently accepts name as an attribute.
Evidence
Runtime behavior accepts and emits Path=/ for deletion:
session=abc; Domain=example.com; Path=/, session=; Domain=example.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
The drift appears to be between:
attributes?: { name?: string, domain?: string }
and the runtime/docs/tests behavior, which use path and domain for delete-cookie attributes.
Suggested fix
attributes?: { path?: string, domain?: string }
It would also be useful to add a TypeScript/tsd coverage case that accepts { path: '/', domain: 'example.com' } and rejects { name: 'session' }.
Additional context / Related coverage
A current GitHub search for related deleteCookie path type, cookies.d.ts deleteCookie, deleteCookie attributes path domain, and similar terms did not identify exact existing issue or PR coverage.
Submitted with Codex.
Summary
deleteCookie(headers, name, attrs)supportspathat runtime, and path matching is needed to delete a path-scoped cookie. However, the TypeScript declaration for the third argument exposes{ name?: string, domain?: string }, so TypeScript rejects{ path: '/' }while accepting{ name: '...' }, which is not consumed by the runtime attributes object.Steps to reproduce
Compile with strict TypeScript settings against Undici's declarations.
Expected behavior
TypeScript should allow:
and should reject
nameinside the attributes object, since the cookie name is already the second positional argument.Actual behavior
TypeScript reports:
The
@ts-expect-erroronnameis unused, meaning TypeScript currently acceptsnameas an attribute.Evidence
Runtime behavior accepts and emits
Path=/for deletion:The drift appears to be between:
and the runtime/docs/tests behavior, which use
pathanddomainfor delete-cookie attributes.Suggested fix
It would also be useful to add a TypeScript/tsd coverage case that accepts
{ path: '/', domain: 'example.com' }and rejects{ name: 'session' }.Additional context / Related coverage
A current GitHub search for related
deleteCookie path type,cookies.d.ts deleteCookie,deleteCookie attributes path domain, and similar terms did not identify exact existing issue or PR coverage.Submitted with Codex.