I need to set a cookie before I issue a request to a Web site using Fiddler. How do I do this?
Asked
Active
Viewed 4.4k times
7 Answers
68
Simple...You need to set a header value, with your request, like so:
Cookie: YourCookieName=YourCookieValue
RayLoveless
- 19,880
- 21
- 76
- 94
-
2This doesn't set the cookie in a way that the client knows that the cookie is there. The line specified will also effectively "hide" all other cookies. – EricLaw Oct 28 '13 at 23:52
-
7Just stumbled upon this now as this question is high in Google. For multiple cookies use `Cookie: CookieName1=CookieVal1; CookieName2=CookieVal2` and for path/protocol details use `Cookie: CookieName1=CookieVal1; CookieName2=CookieVal2; path=/; HttpOnly` – EvilDr Aug 13 '14 at 09:04
-
1If you have multiple cookies from "set-cookie" you must append them all onto one line in the request "cookie" header with "; " delimited. – escape-llc Mar 08 '22 at 17:09
24
To do this using the FiddlerScript engine, add the following code into the onBeforeRequest method:
oSession.oRequest["Cookie"] = (oSession.oRequest["Cookie"] + ";YourCookieName=YourCookieValue");
This will preserve any other cookies that have been set.
DesLFC
- 241
- 2
- 3
-
2I use this one-liner to "replace" the value of a cookie and set the cookie value. It also handles the case where the Cookie header wasn't part of the initial request. `oSession.oRequest['Cookie'] = oSession.oRequest['Cookie'] ? oSession.oRequest['Cookie'].Replace("YourCookieName=","ignoredYourCookieName=") + ";YourCookieName=YourCookieValue" : "YourCookieName=YourCookieValue";` – Tim Lewis Feb 10 '15 at 21:12
8
You need to be more specific about what you're trying to do.
You can edit (or add) an outbound Cookie header to send a cookie to the website. You can do this either manually or via the FiddlerScript engine. But that doesn't "set" the cookie on the client-- it simply sends it to the server. If you want to set a cookie on the client, you either have to use another means, or you can inject a Set-Cookie response header on a previous response from the server, with the value you want to set on the client.
EricLaw
- 56,563
- 7
- 151
- 196
-
2Thanks Eric, setting the outbound cookie header is precisely what I want to do. (BTW Fiddler is a most excellent tool, I'm working in a team of about 250 developers, each of which use it pretty much every day. We find it just the ticket for diagnosing low-level issues with REST services.) – Jeremy McGee Jul 27 '10 at 19:33
5
You can also use the Fiddler Composer.
- Run Fiddler
- Open the Composer Tab on the top.
It's easiest if you can start with another request from your web site. To do this capture a the request you want to modify, then drag it from the UI to the composer tab.
A good explanation is here: http://www.debugtheweb.com/Fiddler/help/composer.asp
Rich Wagenknecht
- 712
- 7
- 16
2
Fiddler allows your to resend/rebuild an existing request. There is a Request Builder. While rebuilding in the RAW form, modify your cookies.
ankitjaininfo
- 11,961
- 7
- 52
- 75
-
2That's fine for existing requests - but this is a new request that requires a cookie. – Jeremy McGee Jul 27 '10 at 09:13
1
This solution is valid for Cookie based authentication:
If you want to test the API/url which have authentication enabled, please try following, i am showing for MVC web API on IIS server. usually there are more than 1 cookie responsible for authorization, so you may need to send more than 1 cookie in header as follows:
User-Agent: Fiddler Host: localhost:51000 content-Type: application/json Cookie : .ASPXAUTH=xxxxx;ASP.NET_SessionId=yyyy;__RequestVerificationToken=zzzz
0
When running Fiddler as a reverse Proxy you can modify the response headers via FiddlerScript by adding a line in the OnBeforeResponse method:
static function OnBeforeResponse(oSession: Session) {
// ...
oSession.oResponse["Set-Cookie"] = "sessionToken=abc123; Expires=Wed, 09 Jun 2021 10:18:14 GMT";
}
Also check Fiddler docs about Modifying a Request or Response for more info.
Thomas
- 2,368
- 20
- 22