Cookies

Mocking response cookies using the direct Fetch API Response instance proves problematic because the Set-Cookie header is one of the forbidden headers that cannot be set. MSW circumvents this limitation in its HttpResponse class to allow you to mock response cookies without compromising your response’s integrity and security.

http.post('/login', () => {
  return new HttpResponse(null, {
    headers: {
      // Setting the "Set-Cookie" header on the mocked response
      // will set the cookies on the `document` as if they were
      // received from the server.
      'set-cookie': 'authToken=abc-123',
    },
  })
})

We recommend you use third-party cookie serialization libraries, like cookie, to work with your mocked cookies, set their path, expiration date, domain, etc.