The Cookie HTTP request header contains stored HTTP cookies associated with the server (i.e. previously sent by the server with the Set-Cookie header or set in Javascript using Document.cookie).
The Cookie header is optional and may be omitted if, for example, the browser's privacy settings block cookies.
| Header type | Request header |
|---|---|
| Forbidden header name | yes |
Syntax
Cookie: <cookie-list>
Cookie: name=value
Cookie: name=value; name2=value2; name3=value3- <cookie-list>
- A list of name-value pairs in the form of
<cookie-name>=<cookie-value>. Pairs in the list are separated by a semicolon and a space ('; ').
Examples
Cookie: PHPSESSID=298zf09hf012fh2; csrftoken=u32t4o3tb3gg43; _gat=1
Specifications
| Specification | Title |
|---|---|
| RFC 6265, section 5.4: Cookie | HTTP State Management Mechanism |
Browser compatibility
BCD tables only load in the browser
The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.