AES Encryption Explained: How It Works and Why It Matters
Jun 23, 2026
Parse and decode HTTP cookies. Extract name, value, and attributes from Cookie and Set-Cookie headers.
| # | Name | Value | Domain | Path | Expires | Max-Age | Secure | HttpOnly | SameSite |
|---|
An HTTP Cookie (web cookie, browser cookie) is a small piece of data sent from a server to a user's web browser. The browser stores the cookie and sends it back with subsequent requests to the same server, enabling stateful behavior in the stateless HTTP protocol.
Cookies are defined in RFC 6265 and are used for session management, personalization, tracking, and authentication. The Set-Cookie header is sent by the server to create cookies, and the Cookie header is sent by the browser to return them.
Cookie header is sent by the browser to the server, containing key=value pairs separated by semicolons. Set-Cookie header is sent by the server to the browser, containing the cookie name/value plus optional attributes. A single response can have multiple Set-Cookie headers.
Cookie values are often URL-encoded to safely store special characters. For example, a value like hello%20world would be decoded to hello world. This tool automatically URL-decodes cookie values for readability.
SameSite is a security attribute that controls when cookies are sent in cross-site requests. Lax (default) sends cookies for top-level navigations using safe methods. Strict only sends cookies for same-site requests. None sends cookies for all requests (requires Secure flag).
Yes. Paste multiple Set-Cookie headers (one per line or concatenated) and the tool will parse each one and display them as separate rows in the results table.
Yes. All parsing and building happens entirely in your browser using JavaScript. No data is sent to any server. Your cookie data never leaves your device.
Blog
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026