Skip to main content
Version: 1.0.1

How to Edit Cookies

Opening the Editor

  1. Find the cookie in the Cookies view.
  2. Click the row to open its inline editor.
  3. Every field — the value and each attribute — is editable in place.

Editing the Value

  • The Value field shows the current value, decoded for display.
  • If the value is structured (JWT, JSON, Base64, or a delimited key/value format), you can edit it in decoded form — Cookie Lens re-encodes to the original format on save. See Parsing Values.
  • Values shown URL-decoded are re-encoded losslessly, so the stored bytes stay identical.
  • Click Save to apply, or discard to leave the cookie untouched.

Editing Attributes

Domain

  • .example.com — the domain and all subdomains.
  • example.com — the exact domain only.

Chrome may reject a domain that doesn't match the current site.

Path

Restrict the cookie to a path — /, /admin, /api/v2, and so on.

Expiration

  • Session — expires when the browser closes.
  • Date/time — pick a specific expiry.
  • Set a near-future expiry to watch a cookie disappear, then extend it again.

Secure

Require HTTPS. Recommended for anything sensitive.

HttpOnly

Block JavaScript access. Enable for auth tokens to reduce XSS exposure.

SameSite

  • Strict — same-site requests only.
  • Lax — top-level navigation, not cross-site (default).
  • None — all requests; requires Secure.
  • Unspecified — browser default (Lax).

Production Safety

On a production domain, Cookie Lens warns before a destructive edit or deletion. Review the change and confirm.

Deleting Cookies

Open a cookie and delete it. On production domains, deletion asks for confirmation. If a cookie keeps coming back, the server is re-setting it — see below.

When the Server Fights Back

Some cookies are re-set by the server on the next request, so a plain edit won't stick. Two tools help:

  • Freeze the cookie — a background enforcer reverts any server (or page) change back to your value until you unfreeze it. See Freezing Cookies.
  • Watch the Activity view to confirm whether your write landed and whether something overwrote it.

Testing Different States

To try the app under different cookie sets — logged-in vs guest vs admin — without hand-editing each cookie every time, save named Profiles and switch between them in one click. See Profiles.

Common Use Cases

Simulate localization

Change a lang=en cookie to lang=es and reload to see the localized UI.

Flip a cookieConsent=all cookie to cookieConsent=none and verify analytics and tracking respond.

Debug expiry

Set a cookie's expiry a few seconds out, watch it expire in the Activity feed, then extend it.

See Also