cookie
TLS Extension Code: 44
Extension Details
cookie440x002CWhat is cookie?
The Cookie extension in TLS 1.3 is used for stateless handshake retries when the server is under load or needs to verify client reachability (similar to SYN cookies in TCP). When a server receives a Client Hello but is not ready to complete the handshake, it can send a HelloRetryRequest with a cookie. The client must echo this cookie in the next Client Hello. This prevents resource exhaustion attacks and verifies that the client can receive packets at its claimed address. The cookie is opaque to the client and does not affect security.
Role in JA3 Fingerprinting
The cookie extension is part of the TLS Client Hello packet that JA3 analyzes to create a unique fingerprint of your browser or HTTP client.
JA3 Construction: JA3 concatenates TLS parameters including extensions in a specific format:
TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS
Different browsers and HTTP clients support different sets of TLS extensions, making this a key differentiator in fingerprinting. The presence, absence, or order of extensions like cookie can reveal:
- Browser type and version (Chrome, Firefox, Safari, Edge)
- Operating system (Windows, macOS, Linux, Android, iOS)
- HTTP library (curl, Python requests, Go http.Client, Node.js)
- Bot detection - automated tools often have distinctive extension sets
Test Your TLS Configuration
See if your browser or HTTP client includes the cookie extension in its TLS handshake:
The JA3 tool will show all TLS extensions your client advertises, including cookie.
Browser & Client Support
Modern Browser Support:
- Chrome/Edge: Full support for cookie
- Firefox: Full support for cookie
- Safari: Full support for cookie
HTTP Client Libraries:
- curl: Support varies by OpenSSL/LibreSSL version
- Python requests: Limited TLS extension control
- curl_cffi: Can mimic browser TLS configurations
- Scrapfly API: Automatically matches real browser TLS fingerprints
Related TLS Resources
TLS Extensions
Testing Tools
Technical References
- RFC Specification: RFC 8446 - TLS Extensions
- IANA Registry: TLS ExtensionType Values
- JA3 Project: JA3 - TLS Client Fingerprinting