Paste Set-Cookie headers and check Secure, HttpOnly, SameSite, Partitioned and prefix rules.
Cookies-
Warnings-
SameSite coverage-
Cookie mistakes are easy to miss in raw headers. This checker reviews each pasted Set-Cookie line and calls out missing attributes that affect browser behavior.
Checks included
The tool reviews Secure, HttpOnly on sensitive-looking cookies, SameSite values, SameSite=None plus Secure, Partitioned plus Secure, Max-Age and Expires formatting, duplicate names, size and the special prefix rules for __Host-, __Secure-, __Http- and __Host-Http- cookies.
Limits
It does not decide whether a cookie is necessary or compliant for a specific product. It only reviews the header attributes you paste.