New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
This site will be read-only for 3-4 hours starting at Sunday, 08:00AM PDT
Starred by 202 users

Issue metadata

Status: Fixed
Closed: Feb 2013
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

issue selenium:818

Sign in to add a comment

chrome.cookies fails for localhost domains

Reported by, Sep 19 2010 Back to list

Issue description

Call chrome.cookies.set({domain: "localhost", name: "foo", value: "bar", url: "http://localhost/"});

Expect: Cookie to be set

Get: Error during cookies.set: Failed to parse or set cookie named "foo".

Comment 1 by, Sep 20 2010

Labels: -Area-Undefined Area-Internals
Status: Invalid
You can only set domain cookies for registry controlled domains, i.e. something ending in .com or so, but not IPs or intranet hostnames like localhost

Comment 2 by Deleted ...@, Aug 2 2011

Why wouldn't you allow cookies for 'localhost'? As a developer this is quite annoying...

Comment 3 by, Oct 27 2011

I am in the same boat. I love chrome, but my work needs me to work on localhost... so I have to use Firefox, and I lose all my favorite features and interfaces.

Comment 4 by, Nov 15 2011

Some companies as the one I am working for do not have dns servers for security reasons.
So some internal web based applications have ip adresses assigned. Now none of them works with Chrome any more. 
Even when adding in /etc/hosts the ip adress and the host it isn't working.
I think this is not a smart move for Chrome.

please explain why you consider setting cookies for localhost or IPs as invalid.

also please give the RFC(s) that state that this is invalid.
please answer to comment #5

Answer comment #5

Comment 8 by, Apr 2 2012

Bump too.

Please answer comment #5

Comment 9 by Deleted ...@, Apr 12 2012


Answer comment #5.
As for now, Chrome users will get a notification using our systems, and are asked to install a proper browser that don't fiddle with stuff like this.

Comment 10 by Deleted ...@, May 25 2012


Please answer comment #5.

Actually we do not use chrome any more in our company because our intranet sites is not available
Please answer comment #5.

Comment 12 Deleted

I've have faced a problem in chrome and IE9,
working on localhost, when I use the function setcookie() in PHP and give it all the parameters, the cookie won't be stored!! which is not the case for FF and Opera!!,
but when I try it just with the cookie name, the value, and the expiry date parameters all goes right and the cookie is stored...and now here are the two PHP codes that I have used:

Function with all of the parameters: 
setcookie( 'reloginID', $digest, time()+60*60*24*7, '/', 'localhost', false, true); /*=== Works normaly in FF and Opera ===*/

Function with less parameters:
 setcookie( 'reloginID', $digest, time()+60*60*24*7); 

So can any one explain that ...
Thank you in advance ;)
The problem in your code is the parameter "localhost". This is the topic of this discussion: Chromium has introduced a limit that prevents cookies to work when the parameter "domain" is used with the value "localhost". It surprised everyone and they do not explain very clearly why they introduced this limitation ...
Thanks for clarifying.

Comment 16 by Deleted ...@, Jul 11 2012

Very surprised by this!  What is the reasoning?
 Issue 137827  has been merged into this issue.

Comment 19 by Deleted ...@, Aug 10 2012

Bump.  Still a problem nearly 2 years later.  Please address, or at the very least try to defend your incorrect position so we can fault your reasoning and get a developer to accept that the issue needs fixing.

Comment 20 Deleted

Comment 21 by Deleted ...@, Aug 19 2012

I have no idea?

Comment 22 by Deleted ...@, Aug 27 2012

While being different and innovative is nice, this "feature", even if its not part of the specs, is used by so many people, especially developers, me included.  

Please answer comment #5 and introduce a way to enable Cookies on localhost, even though a hack with the hosts file can fix it.

Comment 24 by Deleted ...@, Nov 11 2012


Comment 25 by Deleted ...@, Nov 12 2012


Comment 26 by Deleted ...@, Nov 21 2012

Please answer comment #5 

Comment 27 by Deleted ...@, Nov 26 2012

Dear Google just what are you doing? I really don't need to mention this but I will. As a web developer from the very early days before even web developers ever really existed, some 18 years ago nearly. I find it impossible to understand your logic at not including the facility to accept cookies from a localhost server. I would expect many thousands of developers are scratching their heads at this, even now.

I only recently decided to start using Chrome as well as other browsers to make sure the sites that I design and code are as near to the original design as possible. Every browser has its quirks and I like many thousands of others would expect and require this facility within a web browser. So why?

ACME Expense Report.xlsx
16.9 KB Download

Comment 29 by Deleted ...@, Dec 3 2012

For those who have encountered this issue with localhost or other non-registered domains, removing the domain= part from the cookie will allow the cookie to be set for the requesting domain, but not any subdomains. In PHP, use NULL for domain.

Comment 30 by Deleted ...@, Dec 5 2012

Workaround for developers using /etc/hosts: it looks weird, but just add a .com to whatever name you were using for,, etc. work fine in /etc/hosts and that way Chrome will accept the cookies.

Comment 31 Deleted

Comment 33 by Deleted ...@, Jan 26 2013


Still bumping question #5 (why are localhost or local IP cookies invalid?). 
To those getting notifications, sorry.
Project Member

Comment 35 by, Mar 10 2013

Labels: -Area-Internals Cr-Internals
I can't believe this STILL has not been fixed. The safest way to develop, is to develop locally, try to do nastiness locally, and after it is hardened then publish. I can't do that with your browser because of this dumb bug ... 
Everything has been said. As web developers most of us create/test a site on localhost before uploading..
I have been having to use Firefox to develop locally. This is annoying as it does not have my favorite developer toolset.

Please add support or give us a work around.

Comment 39 by Deleted ...@, Apr 18 2013

I use IE for development. Its really frustrating.

Comment 40 by Deleted ...@, Apr 28 2013

I just spent hours trying to figure out why my cookies weren't being accepted from a "localhost" ajax response. It would really be nice to have this feature.
I found a solution. Until they fix this, I only test for firefox and IE. 
It clearly doesn't work, moving to another browser is our only option for commercial product development. Hello, anybody home?

Comment 43 by Deleted ...@, Jul 11 2013

Dear google you are WASTING our time.

Comment 44 by Deleted ...@, Jul 11 2013

RFC 2965 (, section 3.3.2 states "[reject cookie if]  The value for the Domain attribute contains no embedded dots, and the value is not .local". 

Not sure, but that might be the reason why these cookies are rejected and might answer comment #5. Would be nice to get that confirmed by Google...
same problem here. I really would like to use chrome when working on my localhost ....

Comment 46 by, Aug 12 2013

Google...why make a developer's life so hard?  

Please fix this
"+1 Me too ! "

Comment 48 Deleted

I have been using --enable-file-cookies on my shortcut and it allows me to use local cookies. This might just be the fix you are looking for!
Needed because I work in locations where internet is often not available, hence need local dev environments.

Comment 51 by, Nov 26 2013

Is this for real?  How come the other browsers allow this and Chrome does not?

I don't understand the rational behind rejecting this issue instead of fixing it.

Comment 52 by, Nov 26 2013

I guess the simplest fix is to add an entry to the hosts file, like

and then calling instead of just localhost.

but having said that, this restriction is ridiculous IMO.

#5 is still waiting for answer.

As #44 mentions RFC 2965 explains the reasoning behind 'localhost'
And yes, since localhost is technically a top level domain, you could argue that it would be safest not to accept cookies.. You also wouldn't want it to accept a cookie for the entire .com TLD.

For local IP adresses, I have not a clue why...

A better alternative would be to ask the user whether to accept or deny a cookie in these situations.

Comment 54 by Deleted ...@, Jun 26 2014

I'd love to hear explanation too. This is VERY annoying.

Comment 55 by, Jun 27 2014

Just spend two hours trying to understand what is going on with a new intranet test server.

#5 still need an answer!
#52 nailed it, i edit my hosts file to make things flow better in general
#5 in November of 2011 is still unanswered.....

Comment 58 by Deleted ...@, Aug 26 2014

I am not sure its relevant but i came to this article searching for the similar issue. In my case i was passing localhost as Cookie domain and testing on localhost. The Set-Cookie header was being passed to web browser but cookie was not being created and was not being passed back to server on subsequent requests.

I found this article on SOF

which says
when working on localhost (!) the cookie-domain must be set to "" or NULL or FALSE instead of "localhost"

Source of reference is:

This solution works fine for me.

I hope it helps someone...


Pls, answer #5.
why not just edit the hosts file and the vhosts file to match?
At the very least, can we get a message in console? "REJECTED COOKIE FOR ____ REASON" This is a stupid bug. It works in Firefox, and I'm confused as to why those of us with static hosts can't make this work here..

If the set-cookie header is encountered and the domain does not have two dots, we should warn in the console.

Comment 62 by Deleted ...@, Jul 21 2015

Silly bug that seems unnecessary since fixing it presents no issues... other than resolution, lol
they are very obviously oblivious to their user base or developers... which is why I no longer give a crap what my sites look like in Chrome.
I am in the same boat. I love chrome, but my work needs me to work on localhost... so I have to use Firefox, and I lose all my favorite features and interfaces.

Comment 65 by Deleted ...@, Sep 14 2015

I have not read all the previous comments but I am able to set, delete, altar and read cookies on localhost in Chrome. Just use the local host IP address or with or without the http:// infront of it. If you have apps that require a domain name add a workaround thatchanges back to the ip address after the app has been satisfied.
Project Member

Comment 66 by, Nov 7 2015

The following revision refers to this bug:

commit e99453bd606cfba6902d82d1e363826d21b0c6a8
Author: mkwst <>
Date: Sat Nov 07 10:33:25 2015

Treat exact domain match cookies on public suffixes as host cookies.

Historically, we've rejected any cookie with a `domain` attribute for
hosts that we treat as public suffixes. This patch loosens that stance
by treating cookies whose domain attribute exactly matches the host as
host cookies.

This matches the language in step 5 of section 5.3 of RFC 6265
(, and
matches both Firefox and IE's behavior.

BUG= 56211 , 551906,

Review URL:

Cr-Commit-Position: refs/heads/master@{#358523}


Comment 67 by, Nov 11 2015

Labels: M-49
Status: Fixed

Comment 68 by, Nov 11 2015

 Issue 551906  has been merged into this issue.
wow really?
See comment #4 I have almost exactly the same problem.

Comment 71 Deleted

Comment 72 Deleted

Sign in to add a comment