Cookies
HTTPBot keeps a shared cookie jar and lets each request carry the cookies that apply to its URL. Whether cookies are attached when you send, and whether responses can write new cookies back, is controlled by the Send Cookies and Store Cookies options in Request Settings.
Request cookies
Open the request … menu and choose Cookies to view the cookies that apply
to this request's URL. From here you can add, edit, and delete cookies that will
be sent with the request (subject to the Send Cookies setting).



Adding or editing a cookie
Tap + to add a cookie, or tap an existing one to edit it. A cookie has:
- Name — the cookie's name.
- Value — the cookie's value.
- Domain — the domain the cookie applies to (pre-filled from the request's URL).
- Expires — an optional expiry date.
Cookies also carry standard attributes such as Path, Secure, HttpOnly, and SameSite, which HTTPBot preserves when cookies are received from a server or imported.
To remove a cookie, swipe it or use its context menu and choose Delete.
Per-request cookies vs. the app-wide cookie store
The Cookies screen reached from a request shows the cookies relevant to that request's URL, but cookies are shared across the app. To see and manage every cookie HTTPBot has stored — across all domains — tap Manage Cookies from the request Cookies screen, or open it from the app's settings. This is the same shared cookie jar that the Send Cookies and Store Cookies settings draw from. See Settings & Storage for the app-wide view.



How it fits together
- Store Cookies decides whether responses can write into the shared cookie store.
- Send Cookies decides whether the matching stored cookies (plus any you've added on the request's Cookies screen) are attached when you send.
- Turning either off is a quick way to test how an endpoint behaves with and without cookies.