Skip to main content
Version: Latest (1.1.0)

Cookie Lens

Cookie Lens treats cookies like a first-class debugging surface. It ships as a popup for a quick look and a DevTools panel for real work — a dense, sortable table where every cookie is structured data you can read, decode, edit, freeze, and audit. Privacy-first: host access is requested per site, only when you ask, and no value ever leaves your machine.

Why not the built-in Application tab?

Chrome's Application tab shows cookies as flat key-value strings — fine for a glance, painful for real debugging. Cookie Lens goes further:

  • It decodes JWT, JSON, Base64 and delimited values into an editable table, so you read what's actually inside a cookie instead of an opaque blob.
  • Its search matches the decoded value too — find a cookie by a claim buried inside a JWT, with a chip that explains the match.
  • Freeze pins a value so a background enforcer reverts any page or server change — no more chasing a cookie a script keeps resetting.

Decode any value

Auto-detects JWT, JSON, Base64 and delimited key/value cookies into an editable table that serializes back.

Smart search

Matches raw and decoded forms; a via JWT / base64 / URL chip explains an otherwise-invisible match.

New · 1.1.0

Page scope

Show only the cookies that apply to the current page — list, Delete All, export and import all narrow to it, keeping sibling subdomains out of the way.

Freeze

Pin a value and a background enforcer instantly reverts any page or server change — or deletion.

Profiles

Save named cookie sets and switch between logged-in, guest or admin scenarios in one click.

Activity feed

A live network tab for cookies: set / update / delete / expire events with value diffs.

New · 1.1.0

Rejected cookies

Surfaces Set-Cookie headers the browser silently dropped, with the exact reason — SameSite/Secure, prefix, size or third-party blocking.

Diff

Snapshot the cookie jar, run a flow, and compare exactly what was added, removed or changed.

Report

Scores every cookie and lists severity-ranked findings across security, privacy, hygiene and size — with fixes.

New · 1.1.0

Rolling-expiry

Flags trackers that renew their own lifetime — a sliding expiry that never lets the cookie die, even when the value rotates each visit.

New · 1.1.0

Consent (GDPR)

Reads the consent manager’s own cookie (OneTrust, Cookiebot, Didomi, IAB TCF…) and flags cookies set despite a rejected category or before consent.

New · 1.1.0

Reach explainer

Enter a URL and see which cookies would (and wouldn’t) be sent to it, with the reason each held-back cookie is excluded.

Value masking

Blur sensitive values while you screen-share or record, without changing the underlying cookies.

New · 1.1.0

Site access

Host access is granted per site, from your click — and every grant is listed in Settings so you can revoke any in one click.

Incognito

Works against the separate incognito cookie jar; its snapshots are purged when the private window closes.

Import & export

Move cookies as CSV or JSON — formula-injection guards, size caps, per-cookie failure reporting, and a foreign-domain warning on import.

Copy

Copy a cookie or the whole set as a cURL command, fetch() call, Cookie header, or Playwright storageState.

Set by Request

See which network request set or updated each cookie — its method, URL, status and Set-Cookie headers.

Who is it for?

  • Frontend engineers debugging session, auth, and consent behavior.
  • QA engineers testing cookie-dependent features across user states.
  • Backend engineers verifying server-set cookies, flags, and expiry.
  • Web platform & security teams auditing security, privacy, and size.

Privacy-first by design

All processing happens locally in your browser. Cookie Lens never sends cookie values anywhere, includes no analytics or telemetry, and loads no third-party scripts. Freeze and Profiles do persist cookie values in local extension storage — they must, to restore them — but nothing is transmitted off-device. See the Privacy Policy for the full breakdown.

Quick start

  1. Install Cookie Lens from the Chrome Web Store.
  2. Open the popup from the toolbar for the current tab, or press F12 / Cmd+Option+I and open the Cookie Lens panel in DevTools.
  3. Grant host access for the site when prompted (per-site, from your click).
  4. Browse, search, decode, and edit cookies — then explore the Report, Activity, Diff, Profiles, and Frozen views along the top.

Next steps