← Back to library
Cypressauthadvancedv10+
Read and assert a cookie
Use cy.getCookie() to retrieve a named cookie and assert its value and security flags.
1it('auth cookie is set with correct security flags', () => {
2 cy.request('POST', '/api/login', {
3 email: 'user@test.com',
4 password: 'secret',
5 });
6
7 // getCookie() returns the cookie object — chain assertions on properties
8 cy.getCookie('auth_token').should('exist').then((cookie) => {
9 expect(cookie.httpOnly).to.be.true; // JS must not be able to read it
10 expect(cookie.secure).to.be.true; // must only transmit over HTTPS
11 });
12});#cookie#getCookie#httpOnly#secure#assert