Extracts and decrypts cookies from a Chromium-based browser's SQLite database.
Supports Chrome, Edge, Brave, Vivaldi, Opera, Arc, and Chromium.
Chrome 136+ (March 2025) intentionally broke all automation approaches that
rely on Chrome's own cookie access from subprocesses. The only proven solution
is to decrypt cookies ourselves from the OS credential store and inject them
into a Playwright BrowserContext via .addCookies.
Supports macOS, Linux, and Windows:
macOS:
Linux:
Windows:
All platforms:
sqlite3 CLIReferences:
Extracts and decrypts cookies from a Chromium-based browser's SQLite database. Supports Chrome, Edge, Brave, Vivaldi, Opera, Arc, and Chromium. Chrome 136+ (March 2025) intentionally broke all automation approaches that rely on Chrome's own cookie access from subprocesses. The only proven solution is to decrypt cookies ourselves from the OS credential store and inject them into a Playwright BrowserContext via `.addCookies`. Supports macOS, Linux, and Windows: macOS: 1. Read Safe Storage password from macOS Keychain (browser-specific entry) 2. Derive AES-128 key via PBKDF2(password, "saltysalt", 1003 iterations) 3. Decrypt cookies with AES-CBC Linux: 1. Read password from GNOME Keyring (secret-tool) or fall back to "peanuts" 2. Derive AES-128 key via PBKDF2(password, "saltysalt", 1 iteration) 3. Decrypt cookies with AES-CBC (v10 uses "peanuts", v11 uses keyring key) Windows: 1. Read encrypted_key from Local State JSON 2. Base64-decode, strip DPAPI prefix, decrypt via PowerShell DPAPI 3. Decrypt cookies with AES-256-GCM (nonce from cookie, 128-bit auth tag) All platforms: - Copy the Cookies SQLite file (browser locks it) - Query all cookies via `sqlite3` CLI - Map to Playwright Cookie objects References: - chrome-cookies-secure (Node.js, 172★) - yt-dlp/cookies.py - browser_cookie3 - Chromium os_crypt: os_crypt_mac.mm, os_crypt_linux.cc, os_crypt_win.cc
(copy-profile-dir! profile-dir)Copies a Chromium browser profile directory to a temp user-data-dir for use with launchPersistentContext. Creates a proper Chromium user-data-dir layout: the profile is copied into a 'Default' subdirectory, and the parent's 'Local State' file is copied alongside it.
Skips large cache directories and strips lock files, the Cookies database (cookies are injected separately via decryption and .addCookies), and Secure Preferences (contains path-specific HMACs that become invalid).
After copying, patches the Preferences file to set profile.exit_type to 'Normal' so Chromium doesn't trigger crash recovery on the copied profile.
Returns the path (String) to the temporary user-data-dir (pass this to launchPersistentContext, NOT the Default subdirectory inside it).
The copy preserves bookmarks, history, extensions, saved passwords, autofill data, preferences, and other profile data needed for a full browser experience.
Copies a Chromium browser profile directory to a temp user-data-dir for use with launchPersistentContext. Creates a proper Chromium user-data-dir layout: the profile is copied into a 'Default' subdirectory, and the parent's 'Local State' file is copied alongside it. Skips large cache directories and strips lock files, the Cookies database (cookies are injected separately via decryption and .addCookies), and Secure Preferences (contains path-specific HMACs that become invalid). After copying, patches the Preferences file to set profile.exit_type to 'Normal' so Chromium doesn't trigger crash recovery on the copied profile. Returns the path (String) to the temporary user-data-dir (pass this to launchPersistentContext, NOT the Default subdirectory inside it). The copy preserves bookmarks, history, extensions, saved passwords, autofill data, preferences, and other profile data needed for a full browser experience.
(export-cookies-json profile-dir domain-filter)(export-cookies-json profile-dir domain-filter include-local-storage?)(export-cookies-json profile-dir domain-filter include-local-storage? opts)Decrypts cookies and reads localStorage from a Chromium browser profile,
returning a Playwright-compatible storage-state JSON string. Supports Chrome,
Edge, Brave, and other Chromium browsers. The output can be saved to a file
and loaded with --storage-state on any platform.
Params:
profile-dir - String. Path to browser profile directory.
domain-filter - String or nil. Only include cookies/localStorage
whose domain/origin contains this string.
include-local-storage? - Boolean (default true). When true, also exports
localStorage from the profile's LevelDB.
opts - Optional map with:
:channel - String. CLI channel hint (e.g. "msedge").
Returns: String — Playwright storage-state JSON: {"cookies": [...], "origins": [{"origin": "...", "localStorage": [...]}]}
Decrypts cookies and reads localStorage from a Chromium browser profile,
returning a Playwright-compatible storage-state JSON string. Supports Chrome,
Edge, Brave, and other Chromium browsers. The output can be saved to a file
and loaded with `--storage-state` on any platform.
Params:
`profile-dir` - String. Path to browser profile directory.
`domain-filter` - String or nil. Only include cookies/localStorage
whose domain/origin contains this string.
`include-local-storage?` - Boolean (default true). When true, also exports
localStorage from the profile's LevelDB.
`opts` - Optional map with:
:channel - String. CLI channel hint (e.g. "msedge").
Returns:
String — Playwright storage-state JSON:
{"cookies": [...], "origins": [{"origin": "...", "localStorage": [...]}]}(extract-cookies profile-dir)(extract-cookies profile-dir opts)Extracts and decrypts all cookies from a Chromium browser profile directory.
Cross-platform: works on macOS (Keychain), Linux (GNOME Keyring/peanuts), and Windows (DPAPI + AES-GCM). Supports Chrome, Edge, Brave, Vivaldi, Opera, Arc, and Chromium.
Params:
profile-dir - String. Path to browser profile directory
(e.g. "~/Library/Application Support/Google/Chrome/Profile 1"
or "~/Library/Application Support/Microsoft Edge/Default")
opts - Optional map with:
:channel - String. CLI channel hint (e.g. "msedge", "chrome").
Used to detect the browser if not obvious from path.
Returns: java.util.List<Cookie> — Playwright Cookie objects with decrypted values.
Throws: ex-info on credential access failure, missing Cookies DB, or sqlite3 errors.
Extracts and decrypts all cookies from a Chromium browser profile directory.
Cross-platform: works on macOS (Keychain), Linux (GNOME Keyring/peanuts),
and Windows (DPAPI + AES-GCM). Supports Chrome, Edge, Brave, Vivaldi,
Opera, Arc, and Chromium.
Params:
`profile-dir` - String. Path to browser profile directory
(e.g. "~/Library/Application Support/Google/Chrome/Profile 1"
or "~/Library/Application Support/Microsoft Edge/Default")
`opts` - Optional map with:
:channel - String. CLI channel hint (e.g. "msedge", "chrome").
Used to detect the browser if not obvious from path.
Returns:
java.util.List<Cookie> — Playwright Cookie objects with decrypted values.
Throws:
ex-info on credential access failure, missing Cookies DB, or sqlite3 errors.(inject-cookies! context profile-dir)(inject-cookies! context profile-dir opts)Extracts cookies from a Chromium browser profile and injects them into a Playwright BrowserContext. Supports Chrome, Edge, Brave, and other Chromium browsers. Resilient: if batch injection fails, falls back to injecting cookies one-by-one and skips any that CDP rejects (e.g. invalid fields, expired).
Params:
context - BrowserContext instance.
profile-dir - String. Path to browser profile directory.
opts - Optional map with:
:channel - String. CLI channel hint (e.g. "msedge").
Extracts cookies from a Chromium browser profile and injects them into a
Playwright BrowserContext. Supports Chrome, Edge, Brave, and other Chromium
browsers. Resilient: if batch injection fails, falls back to injecting cookies
one-by-one and skips any that CDP rejects (e.g. invalid fields, expired).
Params:
`context` - BrowserContext instance.
`profile-dir` - String. Path to browser profile directory.
`opts` - Optional map with:
:channel - String. CLI channel hint (e.g. "msedge").(read-local-storage profile-dir)Reads localStorage data from a Chrome profile directory.
Parses the LevelDB database at <profile-dir>/Local Storage/leveldb/
and returns a map of origin to localStorage key-value pairs:
{"https://x.com" {"token" "abc123", "theme" "dark"}}
Only returns the LATEST live value for each key (highest sequence number wins). Deleted keys are excluded.
Params:
profile-dir - String. Path to Chrome profile directory.
Returns: Map of origin → {script-key → value}, or empty map if dir doesn't exist.
Reads localStorage data from a Chrome profile directory.
Parses the LevelDB database at `<profile-dir>/Local Storage/leveldb/`
and returns a map of origin to localStorage key-value pairs:
{"https://x.com" {"token" "abc123", "theme" "dark"}}
Only returns the LATEST live value for each key (highest sequence number
wins). Deleted keys are excluded.
Params:
`profile-dir` - String. Path to Chrome profile directory.
Returns:
Map of origin → {script-key → value}, or empty map if dir doesn't exist.cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |