cowboy_req:filter_cookies - Filter cookie headers


filter_cookies(Names, Req) -> Req

Names :: [atom() | binary()]

Filter cookie headers.

This function is meant to be used before attempting to parse or match cookies in order to remove cookies that are not relevant and are potentially malformed. Because Cowboy by default crashes on malformed cookies, this function allows processing requests that would otherwise result in a 400 error.

Malformed cookies are unfortunately fairly common due to the string-based interface provided by browsers and this function provides a middle ground between Cowboy's strict behavior and chaotic real world use cases.

Note that there may still be crashes even after filtering cookies because this function does not correct malformed values. Cookies that have malformed values should probably be unset in an error response or in a redirect.

This function can be called even if there are no cookies in the request.



The cookies that should be kept.


The Req object.

Return value

The Req object is returned with its cookie header value filtered.


  • 2.7: Function introduced.


Filter then parse cookies
Req = cowboy_req:filter_cookies([session_id, token], Req0),
Cookies = cowboy_req:parse_cookies(Req).

See also

cowboy_req(3), cowboy_req:parse_cookies(3), cowboy_req:match_cookies(3)

Cowboy 2.7 Function Reference


Version select

Like my work? Donate!

Donate to Loïc Hoguin because his work on Cowboy, Ranch, Gun and is fantastic:

Recurring payment options are also available via GitHub Sponsors. These funds are used to cover the recurring expenses like food, dedicated servers or domain names.