How to Edit Cookies
Opening the Editor
- Find the cookie in the Cookies view.
- Click the row to open its inline editor.
- Every field — the value and each attribute — is editable in place.
Editing the Value
- The Value field shows the current value, decoded for display.
- If the value is structured (JWT, JSON, Base64, or a delimited key/value format), you can edit it in decoded form — Cookie Lens re-encodes to the original format on save. See Parsing Values.
- Values shown URL-decoded are re-encoded losslessly, so the stored bytes stay identical.
- Click Save to apply, or discard to leave the cookie untouched.
Editing Attributes
Domain
.example.com— the domain and all subdomains.example.com— the exact domain only.
Chrome may reject a domain that doesn't match the current site.
Path
Restrict the cookie to a path — /, /admin, /api/v2, and so on.
Expiration
- Session — expires when the browser closes.
- Date/time — pick a specific expiry.
- Set a near-future expiry to watch a cookie disappear, then extend it again.
Secure
Require HTTPS. Recommended for anything sensitive.
HttpOnly
Block JavaScript access. Enable for auth tokens to reduce XSS exposure.
SameSite
- Strict — same-site requests only.
- Lax — top-level navigation, not cross-site (default).
- None — all requests; requires Secure.
- Unspecified — browser default (Lax).
Production Safety
On a production domain, Cookie Lens warns before a destructive edit or deletion. Review the change and confirm.
Deleting Cookies
Open a cookie and delete it. On production domains, deletion asks for confirmation. If a cookie keeps coming back, the server is re-setting it — see below.
When the Server Fights Back
Some cookies are re-set by the server on the next request, so a plain edit won't stick. Two tools help:
- Freeze the cookie — a background enforcer reverts any server (or page) change back to your value until you unfreeze it. See Freezing Cookies.
- Watch the Activity view to confirm whether your write landed and whether something overwrote it.
Testing Different States
To try the app under different cookie sets — logged-in vs guest vs admin — without hand-editing each cookie every time, save named Profiles and switch between them in one click. See Profiles.
Common Use Cases
Simulate localization
Change a lang=en cookie to lang=es and reload to see the localized UI.
Experiment with consent
Flip a cookieConsent=all cookie to cookieConsent=none and verify analytics
and tracking respond.
Debug expiry
Set a cookie's expiry a few seconds out, watch it expire in the Activity feed, then extend it.
See Also
- Parsing Values — decode and edit structured values.
- Freezing Cookies — keep a value from changing.
- Profiles — switch between whole cookie sets.
- Inspecting Cookies — understanding cookie attributes.