92

I am using bash to POST to a website that requires that I be logged in first, so I need to send the request with my login cookie. I tried logging in and keeping the cookies, but it doesn't work because the site uses javascript to hash the password in a really weird fashion, so instead I'm going to just take my login cookies for the site from Chrome. How do get the cookies from Chrome and format them for Curl?

I'm trying to do this:

curl --request POST -d "a=X&b=Y" -b "what goes here?" "site.com/a.php"
Improve this question

7 Answers 7

Reset to default
154
  1. Hit F12 to open the developer console (Mac: Cmd+Opt+J)
  2. Look at the Network tab.
  3. Do whatever you need to on the web site to trigger the action you're interested in
  4. Right click the relevant request, and select "Copy as cURL"

This will give you the curl command for the action you triggered, fully populated with cookies and all. You can of course also copy the flags as a basis for new curl commands.

Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

Doesn't copy cookies in chrome 44
Can't confirm nor disprove on chrome 44. But it definitely works with chrome 45.
I have the same issue. Cookies are note being copied and I'm using Chrome 45. I copy them manually by @user2537361 answer below.
If the request is in pending state and you copy it as cURL, it doesn't copy cookies. After request finishes with some status, you can copy it as cURL with cookies. I think it is because server might tell to browser delete cookies and if you copy it before finished, you might have old cookies.
Chrome 72.0.3626.119 also seems to not copy cookies
|
19

Can't believe no one has mentioned this. Here's the easiest and quickest way.

Simply open up your browser's Developer Tools, click on the Console tab, and lastly within the console, simply type the following & press ENTER...

console.log(document.cookie)

The results will be immediately printed in proper syntax. Simply highlight it and copy it.

Improve this answer

2 Comments

I wouldn't call it proper format. It prints a semicolon-separated list, whereas the proper syntax has a bunch of TRUE / FALSE thingies.
Nice solution but unfortunately it won't work for HttpOnly cookies.
17

In Chrome:

  • Open web developer tools (view -> developer -> developer tools)
  • Open the Application tab (on older versions, Resources)
  • Open the Cookies tree
  • Find the cookie you are interested in.

In the terminal

  • add --cookie "cookiename=cookievalue" to your curl request.
Improve this answer

3 Comments

You can specify multiple via 'name1=value1; name2=value2'.
I needed to triple click the cookie to get to select
No need. Right Click on a request under Network > Header Options > Cookies. And copy the curl again.
4

I was curious if others were reporting that chrome doesn't allow "copy as curl" feature to have cookies anymore.

It then occurred to me that this is like a security idea. If you visit example.com, copying requests as curl to example.com will have cookies. However, copying requests to other domains or subdomains will sanitize the cookies. a.example.com or test.com will not have cookies for example.

Improve this answer

1 Comment

I can confirm this is the case, at least in Chrome 66.
3

For anyone that wants all of the cookies for a site, but doesn't want to use an extension:

  • Open developer tools -> Application -> Cookies.
  • Select the first cookie in the list and hit Ctrl/Cmd-A
  • Copy all of the data in this table with Ctrl/Cmd-C

Now you have a TSV (tab-separated value) string of cookie data. You can process this in any language you want, but in Python (for example):

import io
import pandas as pd

cookie_str = """[paste cookie str here]"""

# Copied from the developer tools window.
cols = ['name', 'value', 'domain', 'path', 'max_age', 'size', 'http_only', 'secure', 'same_party', 'priority']

# Parse into a dataframe.
df = pd.read_csv(io.StringIO(cookie_str), sep='\t', names=cols, index_col=False)

Now you can export them in Netscape format:

# Fill in NaNs and format True/False for cookies.txt.
df = df.fillna(False).assign(flag=True).replace({True: 'TRUE', False: 'FALSE'})
# Get unix timestamp from max_age
max_age = (
    df.max_age
    .replace({'Session': np.nan})
    .pipe(pd.to_datetime))
start = pd.Timestamp("1970-01-01", tz='UTC')
max_age = (
    ((max_age - start) // pd.Timedelta('1s'))
    .fillna(0)  # Session expiry are 0s
    .astype(int))  # Floats end with ".0"
df = df.assign(max_age=max_age)

cookie_file_cols = ['domain', 'flag', 'path', 'secure', 'max_age', 'name', 'value']
with open('cookies.txt') as fh:
  # Python's cookiejar wants this header.
  fh.write('# Netscape HTTP Cookie File\n')
  df[cookie_file_cols].to_csv(fh, sep='\t', index=False, header=False)

And finally, back to the shell:

# Get user agent from navigator.userAgent in devtools
wget -U $USER_AGENT --load-cookies cookies.txt $YOUR_URL
Improve this answer

1 Comment

For the record, under Ubuntu, ctrl-A, ctrl-C didn't work - I had to manually select the cookies by dragging the selection. Also Developer tools -> Application -> cookies isn't so obvious if you're not used to Developer tools: "Application" is under a tab that you only see by clicking a » to the right of other tabs.
0

Another solution - Login via Post Request

  • Login via POST request

  • Save the cookie

  • Then make your requests.

Improve this answer

Comments

-1 
let cookies_object = {}

cookie_array = document.cookie.split("; ");

cookie_array.forEach((element) => {
    const key_value = element.split("=");
    cookies_object[key_value[0]] = key_value[1];
});

console.log(cookies_object);

This code splits the document.cookie string into individual cookie key-value pairs and adds them to the cookies_object

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.