Vega WebView Cookie Manager
The WebView cookie manager is useful for the following:
- Adding a serialized cookie for a URL in a cookie store, which is attached to the cookie request header for the outgoing request.
- Clearing all cookies from the cookie store.
How cookies are stored
WebView manages cookies by keeping temporary session cookies in active memory for fast access, while securely saving persistent cookies to the app's private storage directory. Persistent cookies are those with specific expiration dates. Developer inspect and manipulate this stored state by enabling remote debugging and using the Chrome DevTools application panel on connected device. This interface provides a way to view all active cookies on your current origin (the page's scheme, domain, and port), allowing you to live-edit values, manually clear data, and verify important security attributes like HttpOnly, Secure, and SameSite are applied correctly.
To troubleshoot why a cookie isn't behaving as expected, switch to the DevTools Network panel to monitor the Cookie and Set-Cookie headers exchanged during network requests. This helps you identify rejected cookies, syntax errors, and cross-site policy violations.
Cookie manager details
A cookie object can have the following fields:
| Field | Type | Required? (Y/N) | Description |
|---|---|---|---|
name |
string | Y | name means the name for the pair. |
value |
string | Y | 'value' means the cookie value of the pair. A cookie is rejected if it has an empty value. It results in a no-op. If any other value is present, the value field will be preserved as an empty value. |
path |
string | N | The value of the path attribute specifies the subset of URLs on the origin server for this cookie. If no specified path is given, the assumed path is the Uniform Resource Identifiers (URI) that sets the cookie. |
domain |
string | N | The value of the domain attribute specifies the domain for which the cookie is valid. If no specified domain is given, the domain becomes inaccessible to its subdomains. |
version |
string | N | Identifies the version of the state management specification for the cookie. The default value is an empty string. |
expires |
string | N | Indicates the maximum lifetime of the cookie as an HTTP-date timestamp. Expected as an ISO8601 string. If no expiration string is given, the cookie is treated as a session cookie, which persists until the user closes their WebView session. |
secure |
boolean | N | Restricts the cookie to HTTPS connections, to keep it secure. |
httpOnly |
boolean | N | Prevents JavaScript from accessing the cookie through document.cookie. |
export interface Cookie {
name: string;
value: string;
path?: string;
domain?: string;
version?: string;
expires?: string;
secure?: boolean;
httpOnly?: boolean;
}
Adding a URL cookie in the cookie store
CookieManager.set(url:string, Cookie:object)
Here's an example:
import { CookieManager } from "@amazon-devices/webview";
CookieManager.set('https://YOUR_URL_HERE.com', {
name: 'Test-Cookie',
value: 'Test-Cookie-Value',
path: '/',
version: '1',
expires: '2024-01-01T12:30:00.00-05:00',
}).then((status) => {
console.log('CookieManager.set =>', status);
});
Clearing all cookies in the cookie store
CookieManager.clearAll()
Here's an example:
import { CookieManager } from "@amazon-devices/webview";
CookieManager.clearAll().then((status) => {
console.log('CookieManager.clearAll =>', status);
});
Notes:
- The
set()method sets a single cookie for the URL. - For any existing cookie with the same name, the host and path are replaced. The Domain value sets the host of the cookie as described in this Set-Cookie doc.
- The cookie store ignores expired cookies.
- The WebView instance shares the cookie store. Different apps don't share the cookie store. A common engine, which includes the cookie store, shares multiple WebView instances in the same app.
- The React Native layer of the app can't read the cookie store at this point.
Related topics
Last updated: Apr 27, 2026
