Can plugins read your cookies?

3063 views cookies
10

For example, if a website stores your username and passwords in cookies when you select the "keep me sign in" option, can plugins read the cookies when you access the website?

answered question

1 Answer

1

Browser plugins like EditThisCookie can read cookies from the website you're visiting. Cookies are basically small text files containing a small amount of information, for example preferences, session cookies and such.

Let's take a look into the source from the plugin i've mentioned in my answer. The source contains a lot of code to get all cookies and match the URL with the specific cookie. Also I found this in the source: chrome.cookies.getAll(). This function can read all the cookies stored in your browser.

Take a look at the snippet i've copied from the source:

chrome.cookies.getAll({}, function(cookieL) {
    for (var x = 0; x < cookieL.length; x++) {
        var cCookie = cookieL[x];
        if (filterMatchesCookie(filterURL, cCookie.name, cCookie.domain, cCookie.value)) {
            var cUrl = (cCookie.secure) ? "https://" : "http://" + cCookie.domain + cCookie.path;
            deleteCookie(cUrl, cCookie.name, cCookie.storeId, cCookie)
        }
    }
});

So to answer your question: yes, plugins can read your cookies.

posted this

Have an answer?

JD

Please login first before posting an answer.