Cookie Security Checker
Free online cookie security checker and scanner. Scan any website to discover all cookies, check Secure, HttpOnly, and SameSite flags, verify cookie prefixes, and get actionable security recommendations.
Results in seconds · Free · No credit card
What We Check
Full cookie inventory scan
Secure flag verification
HttpOnly attribute check
SameSite policy analysis
Cookie prefix validation (__Host-, __Secure-)
Session vs persistent cookie identification
How It Works
1
Enter any website URL to scan
2
We fetch the page and capture all Set-Cookie response headers
3
Each cookie is analyzed for security attributes (Secure, HttpOnly, SameSite)
4
Cookie prefixes and expiration settings are verified
5
You receive a full report with fix recommendations for each cookie
Security Checks Included
This tool runs the following security checks on your website
Frequently Asked Questions
What is a cookie security checker?
A cookie security checker is a free online tool that scans a website and lists all cookies it sets, along with their security attributes. It helps you verify that cookies are configured securely and comply with best practices like using Secure, HttpOnly, and SameSite flags.
How do I check cookie security on a website?
Enter the website URL in our cookie security checker above. We'll scan the site, identify all cookies from Set-Cookie headers, and show their security attributes including Secure, HttpOnly, and SameSite flags with recommendations.
What is the Secure cookie flag?
The Secure flag ensures cookies are only sent over HTTPS connections. Without it, cookies can be intercepted on insecure networks. Our cookie security checker verifies this flag on every cookie.
What is the HttpOnly flag?
HttpOnly prevents JavaScript from accessing cookies via document.cookie, protecting against XSS attacks that try to steal session tokens. It's one of the most important cookie security attributes.
What is the SameSite attribute?
SameSite controls when cookies are sent with cross-site requests. Setting it to 'Strict' or 'Lax' protects against CSRF attacks. Our cookie security scanner checks this attribute on all cookies.
Why should I scan my website's cookie security?
Cookie security scanning helps you identify risks like missing HttpOnly flags on session cookies, missing Secure flags, and improper SameSite settings that could expose users to session hijacking, XSS, and CSRF attacks.
Is this cookie security checker free?
Yes, our cookie security checker is completely free. It's part of SecScanner's free security scanning toolkit that includes 22 free checks covering cookies, SSL, headers, DNS, and more.
Ready to Check Your Website?
Run a free security scan now and get instant results with actionable fix recommendations.
Results in seconds · Free · No credit card