Why does my login cookie not show up?

Secure login systems set the HttpOnly flag on session cookies so JavaScript cannot read them — this tool uses document.cookie and respects that. DevTools → Application → Cookies can inspect them if needed.

I deleted a cookie and it came back — why?

Another script on the page is re-setting it. Analytics, consent banners, and some embedded widgets do this. Look at the Network tab to find the culprit.

Is it safe to reveal values?

Reveal exposes the values in the DOM on this page only — CheckMySys does not send them anywhere. Still, avoid revealing on a shared screen.

Cookie Viewer

Total size

0 B

Scope

Last read 5:08:47 AM

No JavaScript-visible cookies on . HttpOnly cookies (used by most login systems) are hidden from this API and are not shown.

How to use the cookie viewer

The table shows every cookie that JavaScript on this origin can read via document.cookie. Values are masked by default because cookies often carry session tokens — click Reveal values to show them in plain text.

HttpOnly cookies are intentionally hidden. The HttpOnly flag was created specifically to keep authentication cookies out of reach of JavaScript — and therefore out of this tool. That is a feature, not a bug. Chrome DevTools → Application → Cookies can show them if you need to inspect them.

Delete writes an expired replacement cookie with path=/, the current path, and no path. That works for most cookies but may not remove cookies scoped to a specific subpath or domain suffix the tool cannot see. If a cookie keeps reappearing after deletion, something on the page (an analytics script, for example) is re-setting it.

Privacy: the tool reads cookies in JavaScript and displays them on this page only. Nothing is sent to a server. You can confirm this in the DevTools Network tab — no request fires when you click Reveal or Delete.

Related tools

See every cookie JavaScript can read on this origin, with values masked by default. Reveal and delete individually — or all at once.