Skip to main content
Version: 0.1.0

Features Overview

See all cookies for the current site with complete information:

  • Name — cookie identifier.
  • Value — current cookie value (decoded).
  • Domain — which domain(s) can access the cookie.
  • Path — URL path restriction.
  • Expiration — when the cookie expires (or "Session" for session cookies).
  • Size — byte size of the cookie.
  • Secure — HTTPS-only flag.
  • HttpOnly — JavaScript inaccessible flag.
  • SameSite — cross-site request policy (Strict, Lax, None, Unspecified).

Search & Filter

Quickly find cookies:

  • Search by name, value, or domain.
  • Filter by attributes (Secure, HttpOnly, SameSite, etc.).
  • Sort by any column (name, domain, expiry, size, etc.).

Pin & Protect

  • Pin important cookies to the top for quick access.
  • Protect sensitive cookies to prevent accidental deletion or editing.

Edit Values

  • Click any cookie to edit its value.
  • The original value is preserved in your session for comparison.
  • Save changes immediately or discard.

Edit Attributes

  • Domain — change which domain(s) can access the cookie.
  • Path — restrict to specific URL paths.
  • Expiration — set custom expiry times.
  • SameSite — control cross-site request behavior.
  • Secure — require HTTPS.
  • HttpOnly — block JavaScript access.

Mock Values for Testing

Test different cookie values without permanently changing them:

  • The original value is saved for the session.
  • Switch between mock and original instantly.
  • Resets when the page reloads (unless you re-apply).

Value Parsing & Decoding

Cookie Lens automatically detects and parses structured cookie values:

  • JSON — pretty-print and edit JSON objects.
  • Base64 — decode base64-encoded values.
  • JWT — decode JWT tokens and inspect claims.
  • URL-encoded JSON — parse and edit JSON wrapped in URL encoding.
  • Query Strings — parse and edit key=value&key2=value2 format.
  • Key-Value Pairs — edit semicolon or comma-separated key-value cookies.

Edit decoded values directly, and Cookie Lens re-encodes them automatically.

Reports & Analysis

Security Report

Evaluate cookie security configuration:

  • HttpOnly — prevents JavaScript access (protects against XSS).
  • Secure — HTTPS-only (prevents interception).
  • SameSite — cross-site request policy (prevents CSRF).
  • Overall security score for each cookie.
  • Recommendations for improving security.

Privacy Report

Identify privacy and tracking concerns:

  • 3rd-party cookies — cookies from domains other than the current site.
  • Known trackers — cookies from analytics, ad, and tracking services.
  • Cross-site cookiesSameSite=None (sent on cross-origin requests).
  • Long-lived cookies — may require GDPR consent (> 1 year expiry).
  • Sensitive cookies — names matching auth/session patterns.
  • Risk classification (High, Medium, Low) for each cookie.

Expiry Report

Monitor cookie lifetime:

  • Expired — already expired cookies.
  • Expiring soon — within 1 hour.
  • Persistent — long-term cookies by expiry bucket (1h, 1 day, 7 days, 30 days, 1 year, etc.).
  • Session — cookies that expire when the browser closes.
  • Timeline visualization.

Size Report

Optimize cookie sizes:

  • Per-cookie size in bytes.
  • Domain totals.
  • Browser limits (4096 bytes per cookie, ~180 cookies per domain typical).
  • Warning indicators for oversized cookies.
  • Storage efficiency analysis.

Import & Export

Export

Download cookies for sharing, testing, or backup:

  • Cookies as JSON — standard format for cookie data.
  • Events as JSON — full event log (creates, edits, deletes).
  • Events as CSV — event log in spreadsheet format.

Import

Load cookies from a file:

  • Supports JSON format from exports.
  • Conflict handling — choose to keep, overwrite, or skip conflicting cookies.
  • Domain validation — prevents invalid or mismatched domains.
  • Production warning — alerts when importing to production domains.
  • Preview before import.

Set-by-Request Tracking (Optional)

Disabled by default. Requires user permission.

Automatically correlate cookies with network responses:

  • See which HTTP request set or updated each cookie.
  • View request method, URL, and response status.
  • Useful for debugging server-side cookie behavior.
  • Lightweight implementation (stores only metadata, not header values).

Browser Tabs

TabPurpose
CookiesMain cookie inspector and editor
EventsLog of all cookie changes (creates, edits, deletes)
SecuritySecurity scoring and HttpOnly/Secure/SameSite analysis
Privacy3rd-party, tracker, and risk analysis
ExpiryCookie lifetime and expiration tracking
SizeCookie size optimization and limits
ExportDownload or upload cookies and events

Keyboard Shortcuts & Tips

  • Search — start typing to filter cookies.
  • Pin/Unpin — click the pin icon to pin a cookie.
  • Protect/Unprotect — click the lock icon to protect from deletion.
  • Double-click value — quick edit mode.
  • Hover for full value — see truncated values in full.