How to send Cookies with cURL?

Learn how to send cookies using cURL to manage session data effectively. This guide provides a straightforward approach to enhance your data extraction tasks by handling HTTP cookie values efficiently.

Best practices

Ensure cookies are formatted correctly, especially when setting multiple cookies, to avoid any syntax errors that could prevent them from being sent properly.
When using a cookie file, make sure it adheres to the Netscape cookie file format to ensure compatibility with cURL.
Use the -c option to save cookies from server responses, which can be useful for handling session-specific data in subsequent requests.
When passing cookies directly in the header, ensure proper encoding and formatting to maintain the integrity of the data.

# Set a single cookie using the -b/--cookie option
curl -b "sessionid=123456" https://sandbox.oxylabs.io/products

# Set multiple cookies
curl -b "sessionid=123456; userid=78910" https://sandbox.oxylabs.io/products

# Use a cookie file
echo "sandbox.oxylabs.io\tFALSE\t/\tFALSE\t0\tsessionid\t123456" > cookies.txt
curl -b cookies.txt https://sandbox.oxylabs.io/products

# Pass cookies in the header
curl -H "Cookie: sessionid=123456; userid=78910" https://sandbox.oxylabs.io/products

# Save cookies received from server to a file
curl -c saved_cookies.txt https://sandbox.oxylabs.io/products

# Use saved cookies for subsequent requests
curl -b saved_cookies.txt https://sandbox.oxylabs.io/products

Common issues

Ensure that the domain and path in your cookie file correctly match the request URL to avoid cookies being rejected by the server.
Regularly update your cookie values and expiration times to reflect the current session states, especially when dealing with authentication cookies.
Verify that your cookies do not contain sensitive data in plaintext; consider encrypting values to enhance security.
Test your cURL commands in a controlled environment to ensure that cookies are being sent and received as expected before deploying in a production environment.

# Incorrect domain in cookie file
echo "incorrect-domain.com\tFALSE\t/\tFALSE\t0\tsessionid\t123456" > cookies.txt
curl -b cookies.txt https://sandbox.oxylabs.io/products

# Correct domain and path in cookie file
echo "sandbox.oxylabs.io\tFALSE\t/\tFALSE\t0\tsessionid\t123456" > cookies.txt
curl -b cookies.txt https://sandbox.oxylabs.io/products

# Using outdated cookie values
curl -b "sessionid=expired123456; userid=old78910" https://sandbox.oxylabs.io/products

# Using updated and current cookie values
curl -b "sessionid=new123456; userid=new78910" https://sandbox.oxylabs.io/products

# Sending sensitive data in plaintext
curl -b "sessionid=123456; creditcard=1234567890123456" https://sandbox.oxylabs.io/products

# Sending encrypted cookie values
curl -b "sessionid=123456; creditcard=encrypted_value_here" https://sandbox.oxylabs.io/products

# Testing without verification in a production environment
curl -b "sessionid=test_session" https://sandbox.oxylabs.io/products

# Testing in a controlled development environment first
curl -b "sessionid=test_session" https://dev.sandbox.oxylabs.io/products