MDN’s new design is in Beta! A sneak peek: https://blog.mozilla.org/opendesign/mdns-new-design-beta/

Enables WebExtensions to get and set cookies, and be notified when they change.

To use this API, you need to include the "cookies" API permission in your manifest.json file, as well as host permissions for the sites whose cookies you need to access. See cookie Permissions.

Types

cookies.Cookie
Represents information about an HTTP cookie.
cookies.CookieStore
Represents a cookie store in the browser.
cookies.OnChangedCause
Represents the reason a cookie changed.

Methods

cookies.get()
Retrieves information about a single cookie.
cookies.getAll()
Retrieves all cookies that match a given set of filters.
cookies.set()
Sets a cookie with the given cookie data; may overwrite equivalent cookies if they exist.
cookies.remove()
Deletes a cookie by name.
cookies.getAllCookieStores()
Lists all existing cookie stores.

Event handlers

cookies.onChanged
Fired when a cookie is set or removed.

Permissions

In order to use this API, an add-on must specify the "cookies" API permission in its manifest, along with host permissions for any sites for which it wishes to access cookies. The add-on may read or write any cookies which could be read or written by a URL matching the host permissions. For example:

http://*.example.com/

An add-on with this host permission may:

  • Read a non-secure cookie for www.example.com, with any path.
  • Write a secure or non-secure cookie for www.example.com, with any path.

It may not:

  • Read a secure cookie for www.example.com.
http://www.example.com/

An add-on with this host permission may:

  • Read a non-secure cookie for www.example.com, with any path.
  • Read a non-secure cookie for .example.com, with any path.
  • Write a secure or non-secure cookie for www.example.com with any path.
  • Write a secure or non-secure cookie for .example.com with any path.

It may not:

  • Read or write a cookie for foo.example.com.
  • Read or write a cookie for foo.www.example.com.
*://*.example.com/

An add-on with this host permission may:

  • Read or write a secure or non-secure cookie for www.example.com with any path.

Browser compatibility

ChromeEdgeFirefoxFirefox for AndroidOpera
CookieYesYes4548Yes
CookieStoreYesYes4548Yes
OnChangedCauseYesNo4548Yes
getYesYes4548Yes
getAllYesYes *4548Yes
getAllCookieStoresYesYes *4548Yes
onChangedYesNo4548Yes
removeYesYes4548Yes
setYesYes4548Yes

Edge incompatibilities

Promises are not supported in Edge. Use callbacks instead.

Chrome incompatibilities

None.

Example Add-ons

Acknowledgements

This API is based on Chromium's chrome.cookies API. This documentation is derived from cookies.json in the Chromium code.

Microsoft Edge compatibility data is supplied by Microsoft Corporation and is included here under the Creative Commons Attribution 3.0 United States License.

Document Tags and Contributors

 Contributors to this page: abbycar, wbamberg, chrisdavidmills, kmaglione, jpmedley, evilpie
 Last updated by: abbycar,