Dev Tools · 2h ago
Free browser tool inspects cookie security, flags XSS/CSRF risks
A developer built a free, client-side HTTP Cookie Inspector that parses Set-Cookie headers and scores security from 0 to 100. The tool flags missing Secure, HttpOnly, or SameSite attributes and warns of XSS/CSRF risks. It runs entirely in the browser with 84 passing tests.
Meridian48 take
Useful for developers, but the security scoring is simplistic and shouldn't replace a proper audit.
Read the full reporting
I built a browser-only HTTP Cookie Inspector — parse Set-Cookie, security score, XSS/CSRF flags, 84 tests →
DEV Community
cookie-inspectorsecurity-tools