Cookie Security Flag Analyzer

Review Set-Cookie headers to ensure key security flags are present. This helps reduce session theft risk and align cookies with modern browser behavior.

How to use the Cookie Security Flag Analyzer

Paste the Set-Cookie header.
Click Analyze.
Review missing or weak flags.

Common use cases

Auditing session cookies before release.
Comparing cookie settings across environments.
Debugging SameSite-related issues.
Reviewing cookies set by third-party services.

Tips & notes

Use Secure for HTTPS-only cookies.
HttpOnly helps protect against XSS access.
Choose an appropriate SameSite value for your flow.

Related security tools

HTTP Security Headers Diff Tool
CSP Header Tool
CORS Policy Risk Checker

FAQ

Do I need all flags?

Most session cookies should include them.

Does this parse all attributes?

It checks the most common security flags.

Does it validate cookie prefixes?

No. It focuses on flags, not prefixes like __Host-.