Note: For learning and communication purposes only. Strictly prohibited for commercial use. Please delete within 24 hours and do not share on social platforms. If this project is useful to you, please give it a star. It really helps me a lot, thank you!

English | 简体中文

Cookie-share is a Chrome extension that allows users to send and receive cookies between different devices or browsers. It can be used for multi-account switching, sharing video memberships, co-renting planets, and other scenarios. A self-hosted Cloudflare Worker ensures data security.

Download Link

Many websites do not support multi-account switching and you don't want to log out and log in again?

You have a video membership but your friends always find it cumbersome to scan a code?

You share a certain planet with classmates and want to recover health points?

Just too lazy to take out your phone or enter the password to switch device logins?

1. Go to the homepage of a logged-in website (any URL that contains cookies)
2. Click the extension icon, customize an ID (only letters and numbers are supported), and send the cookie
3. On a device that is not logged in, visit the login page, use the previously set ID to retrieve the cookie, wait for the plugin to display that the cookie has been retrieved and set successfully, then refresh the page

Tested websites:

1. A certain planet
2. A certain art platform
3. A certain L site

• Generates random unique IDs for cookie sharing
• Sends cookies from the current tab to the server
• Receives and sets cookies to the current tab from the server
• Admin functionality for managing stored cookies
• Supports HTTPOnly cookies that JS cannot access due to higher plugin permissions

1. Clone this repository or download the source code.
2. Open Chrome and navigate to chrome://extensions/.
3. Enable "Developer mode" in the top right corner.
4. Click "Load unpacked" and select the directory containing the extension files.

1. Enable Developer mode in Chrome/Edge browser (Extensions page)
2. Drag and drop the modified cookie-share.zip directly into the browser
3. Click the Cookie-share icon in the Chrome toolbar.
4. Send cookies from a logged-in browser page
5. Accept cookies on an unlogged browser page
6. Make sure not to add / at the end of the address, for example: https://your-worker-name.your-subdomain.workers.dev

Deployment can be similar to https://linux.do/t/topic/115004

1. Register a Cloudflare account and create a Worker.
2. Copy the content of _worker.js to the newly created Worker.
3. In the Cloudflare Worker settings, add the following environment variables:
   • ADMIN_PASSWORD: Set a strong password for accessing admin endpoints
   • COOKIE_STORE: Create a KV namespace for storing cookie data
4. Bind the KV namespace in the Worker settings:
   • Variable name: COOKIE_STORE
   • KV namespace: Select the KV namespace you created
5. Save and deploy the Worker.
6. Note the Worker URL, which is similar to: https://your-worker-name.your-subdomain.workers.dev (if blocked, please customize the domain)

• Ensure that ADMIN_PASSWORD is set to a strong password and change it regularly.
• Do not hard-code ADMIN_PASSWORD in the code, always use environment variables.
• Regularly review stored data and delete cookies that are no longer needed.
• Consider setting expiration times for cookie data to reduce the risk of storing sensitive information long-term.

The backend is implemented as a Cloudflare Worker, providing the following endpoints:

Remember to add X-Admin-Password: yourpassword

Example:

/admin/list-cookies

curl --location --request GET 'https://your-worker-name.your-subdomain.workers.dev/admin/list-cookies' \
--header 'X-Admin-Password: yourpassword'

/admin/delete

curl --location --request DELETE 'https://your-worker-name.your-subdomain.workers.dev/admin/delete?key={yourid}' \
--header 'X-Admin-Password: yourpassword'

• POST /send-cookies: Store cookies associated with a unique ID
• GET /receive-cookies: Retrieve cookies for a given ID
• GET /admin/list-cookies: List all stored cookie IDs and URLs
• POST /admin/create: Create new data entries
• GET /admin/read: Read data for a given key
• PUT /admin/update: Update data for a given key
• DELETE /admin/delete: Delete data for a given key
• DELETE /admin/delete-all: Delete all stored data
• GET /admin/list: List all stored data

Admin endpoints require authentication with the admin password.

• manifest.json: Extension configuration file
• popup.html: HTML structure of the extension popup
• popup.js: JavaScript for handling user interactions and cookie operations
• style.css: CSS styles for the popup
• _worker.js: Cloudflare Worker script for backend operations

Modifying the extension:

1. Edit relevant files (popup.html, popup.js, style.css).
2. Reload the extension in Chrome to view changes.

Modifying the backend:

1. Edit the _worker.js file.
2. Deploy the updated Worker to Cloudflare.

• The extension uses HTTPS for all communications with the backend.
• Admin endpoints are password-protected.
• Implement input validation to prevent injection attacks.
• Cookies are securely stored on the server and cannot be accessed without a unique ID.

• Only admin interfaces are provided, no admin pages (unknown update time)

Welcome contributions! Feel free to submit Pull Requests.

MIT