Some websites require custom cookies to grant access to protected resources, maintain session state, or simulate authenticated browsing. wget can send these cookies directly from a file or through custom headers, allowing scripted downloads that replicate browser-based interactions.
By exporting cookies from a browser and feeding them to wget, it’s possible to continue authenticated sessions or mimic human browsing behavior. This approach eases automation, enabling batch downloads of resources otherwise gated by login pages or session-based checks.
Care should be taken to handle these cookies securely. Avoid distributing or exposing them in logs or repositories, as they may contain sensitive information granting unauthorized access if compromised.
Steps to use custom cookies with Wget:
- Export cookies from a browser into a cookies.txt file.
Several browser extensions or developer tools can export cookies in Netscape format, compatible with wget.
- Review the exported cookie file to ensure correctness.
$ cat cookies.txt
Check domain, path, expiration, and secure flags to confirm validity.
Field Description Domain The domain of the cookie. Usually set to the domain of the website. Flag A boolean field (TRUE/FALSE) indicating if the cookie is accessible across subdomains. Path The path to which the cookie is available. Secure Indicates if the cookie should only be sent over HTTPS. Expiration Unix timestamp indicating when the cookie expires. Name The name of the cookie. Value The value of the cookie. - Edit the cookie file if needed, maintaining its format.
$ nano cookies.txt
- Use the --load-cookies option to send cookies with the request.
$ wget --load-cookies cookies.txt https://www.example.com/download.zip
wget includes all cookies from the file, preserving session state as if browsing normally.
- Pass cookies manually via the --header option if not using a file.
$ wget --header="Cookie: SESSIONID=abcd1234; USERID=JohnDoe" https://www.example.com
This method works well for quick tests or when only a few cookies are needed.
- Inspect the downloaded file to confirm that the server responded as expected.
$ ls $ cat downloaded-page.html
- Protect or remove the cookie file after use to prevent unauthorized access.
$ chmod 600 cookies.txt $ rm cookies.txt
Always safeguard or discard sensitive cookie files.
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Comment anonymously. Login not required.