Cookie Lens
Cookie Lens treats cookies like a first-class debugging surface. It ships as a popup for a quick look and a DevTools panel for real work — a dense, sortable table where every cookie is structured data you can read, decode, edit, freeze, and audit. Privacy-first: host access is requested per site, only when you ask, and no value ever leaves your machine.
Why not the built-in Application tab?
Chrome's Application tab shows cookies as flat key-value strings — fine for a glance, painful for real debugging. Cookie Lens goes further:
- It decodes JWT, JSON, Base64 and delimited values into an editable table, so you read what's actually inside a cookie instead of an opaque blob.
- Its search matches the decoded value too — find a cookie by a claim buried inside a JWT, with a chip that explains the match.
- Freeze pins a value so a background enforcer reverts any page or server change — no more chasing a cookie a script keeps resetting.
Everything Cookie Lens does
Decode any value
Auto-detects JWT, JSON, Base64 and delimited key/value cookies into an editable table that serializes back.
Smart search
Matches raw and decoded forms; a via JWT / base64 / URL chip explains an otherwise-invisible match.
Freeze
Pin a value and a background enforcer instantly reverts any page or server change — or deletion.
Profiles
Save named cookie sets and switch between logged-in, guest or admin scenarios in one click.
Activity feed
A live network tab for cookies: set / update / delete / expire events with value diffs.
Diff
Snapshot the cookie jar, run a flow, and compare exactly what was added, removed or changed.
Report
Scores every cookie and lists severity-ranked findings across security, privacy, hygiene and size — with fixes.
Value masking
Hide sensitive values while you screen-share or record, without changing the underlying cookies.
Incognito
Works against the separate incognito cookie jar; dead snapshots are purged automatically.
Import & export
Move cookies as CSV or JSON — formula-injection guards, size caps, per-cookie failure reporting, and a foreign-domain warning on import.
Copy
Copy a cookie or the whole set as a cURL command, fetch() call, Cookie header, or Playwright storageState.
Set by Request
See which network request set or updated each cookie — its method, URL, status and Set-Cookie headers.
Who is it for?
- Frontend engineers debugging session, auth, and consent behavior.
- QA engineers testing cookie-dependent features across user states.
- Backend engineers verifying server-set cookies, flags, and expiry.
- Web platform & security teams auditing security, privacy, and size.
Privacy-first by design
All processing happens locally in your browser. Cookie Lens never sends cookie values anywhere, includes no analytics or telemetry, and loads no third-party scripts. Freeze and Profiles do persist cookie values in local extension storage — they must, to restore them — but nothing is transmitted off-device. See the Privacy Policy for the full breakdown.
Quick start
- Install Cookie Lens from the Chrome Web Store.
- Open the popup from the toolbar for the current tab, or press
F12/Cmd+Option+Iand open the Cookie Lens panel in DevTools. - Grant host access for the site when prompted (per-site, from your click).
- Browse, search, decode, and edit cookies — then explore the Report, Activity, Diff, Profiles, and Frozen views along the top.
Next steps
- Features Overview — an animated tour of every view.
- Guides — step-by-step walkthroughs.
- Privacy Policy — how your data is handled.
- FAQ — common questions and answers.