Set-Cookie HTTP Header
Set-Cookie
A cookie sent from the server to be set on the client
Multiple Allowed
This header can occur multiple times in a response.
Accepted Values
A cookie has a name and value, and is then followed by an optional number of options, each seperated by a semi-colon.- <name>=<value>
Cookie name and value. The value can be enclosed in double quotes, and must only contain ASCII characters (excluding control, space, quotes, comma, semi-colon, and backslashes.
- domain
The domain to which the cookie is applied.
- expires=<date>
The date at which the cookie expires.
expires=<day-name>, <day> <month> <year> <hour>:<minute>:<second> GMT- httponly
Prevent JavaScript from accessing the cookie.
- max-age=<integer>
The number of seconds until the cookie expires.
max-age=4- path
The path on the domain to which the cookie is applied.
- samesite=<option>
Control whether cookies are sent with cross-domain requests
Options:
strict
The cookie is sent only for same-domain requests.lax
The cookie is sent when navigating to the site from an external resource, but is not sent on cross-domain requests.none
The cookie sent for cross-domain and same-domain requests.
- secure
The cookie is only sent over https.
Example
Set-Cookie: login=logintoken; Expires=Mon, 1 Oct 2021 03:04:005 GMT, Domain=apple.com
Parse
Enter a Set-Cookie header below to parse and return details about it.
Reference
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie