Cookies are data files stored by web browsers to maintain user sessions and track user activity. These files contain information such as user login credentials, preferences, and session data. Every time the browser makes a request to a website, it sends the relevant cookies to the server, allowing it to recognize and serve personalized content.

cURL can work with cookie files, specifically in the Netscape HTTP cookie file format. This format is a simple text file where each line represents a cookie, separated by tabs. Browsers such as Chrome, Firefox, and Safari use this format to store cookies, which can then be utilized in command-line operations or HTTP requests using cURL. Understanding this format allows for manual control over how cookies are used.

Manually creating a cookie file for cURL gives precise control over the HTTP requests sent. You can either create the cookie file from scratch or edit an existing one saved from a browser session. This process ensures that only the desired cookies are sent, which is useful for tasks such as scripting, automation, or testing.

  1. Open a text editor.
  2. Write the cookie information using the Netscape cookie file format.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value
  3. Set the domain where the cookie is valid.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com

    The domain should start with a dot, indicating the cookie is valid for all subdomains. Without the dot, the cookie is restricted to the specific domain.

  4. Specify if the cookie applies to all machines within the domain.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com  TRUE

    TRUE means the cookie is accessible across all machines in the domain. FALSE restricts the cookie to the specific domain.

  5. Set the path for the cookie validity.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com  TRUE      /

    The path defines the directory or subdirectories where the cookie is valid. A path of “/” means the cookie is valid for the entire site.

  6. Indicate if the cookie requires a secure connection.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com  TRUE      /     TRUE

    If TRUE, the cookie will only be sent over secure connections like HTTPS. If FALSE, the cookie can be sent over any connection.

  7. Set the cookie's expiration in UNIX timestamp format.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com  TRUE      /     TRUE    1672531199

    The expiration time is a UNIX timestamp indicating when the cookie will expire. After this time, the cookie will not be sent with requests.

  8. Enter the cookie name.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com  TRUE      /     TRUE    1672531199  SessionID

    The cookie name serves as an identifier for the cookie.

  9. Specify the cookie value.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value 
    .example.com  TRUE      /     TRUE    1672531199  SessionID 1234567890abcdef

    The value holds the data the cookie stores and sends to the server.

  10. Save the file with a .txt extension.
  11. Add another line if you need to store multiple cookies.
    # Domain      Tailmatch Path  Secure  Expiry      Name      Value
    .example.com  TRUE      /     TRUE    1672531199  SessionID 1234567890abcdef
    .example.com  TRUE      /     TRUE    1672531199  UserID    myid
  12. Use the created cookie file in your cURL commands.
    $ curl -b "manual-cookies.txt" http://www.example.com/dashboard
Discuss the article:

Comment anonymously. Login not required.