Cookie Size Estimator
Measure the byte size of your cookies individually and in total, and check them against browser limits (4 KB per cookie). Useful for cookie-banner and performance UX. Runs in your browser.
4 cookies ยท 120 bytes total
| Cookie | Bytes |
|---|---|
| session_id | 23 |
| theme | 10 |
| _ga | 31 |
| consent | 56 |
โ Within typical browser limits.
Browsers limit each cookie to ~4096 bytes (name + value) per RFC 6265, with roughly 50 cookies and ~4 KB total per domain. Cookies ride along on every same-domain request, so trimming them speeds up requests.
About this tool
Cookies are small by design, and browsers enforce that: each cookie is limited to about 4096 bytes for its name and value combined, and a domain can hold only on the order of 50 cookies and a few kilobytes total. Exceed the per-cookie limit and the browser silently drops it โ a real and confusing source of bugs. This estimator measures each cookie's exact UTF-8 byte size, sums the total, and flags anything over the limits. Beyond correctness, size matters for performance: every cookie scoped to a domain is attached to every request to that domain โ including images, API calls, and assets โ so a few kilobytes of cookies adds that overhead to thousands of requests. The tool helps you spot a bloated analytics or consent cookie and trim it. Paste cookies as name=value lines or a raw Cookie header; everything is measured locally in your browser, so real session values never leave your machine.
How to use it
- Paste your cookies, one name=value per line, or a whole Cookie header.
- Read each cookie's byte size and the running total.
- Watch for red (over 4 KB per cookie) and amber (large total) warnings.
- Trim oversized cookies โ and remember they ride on every request.
Frequently asked questions
- What is the size limit for a cookie?
- Per RFC 6265, browsers must support at least 4096 bytes per cookie for the name and value combined. A cookie larger than that is typically rejected outright, so it never gets stored โ which looks like the cookie "not working".
- How many cookies can a domain have?
- Browsers are required to support at least 50 cookies per domain and around 3000โ4000 total. Practical guidance is to stay well under 50 per domain and a few kilobytes of total cookie data.
- Why does cookie size affect performance?
- Cookies scoped to a domain are sent in the request headers of every request to that domain โ pages, API calls, images, scripts. Several kilobytes of cookies therefore add up across many requests, increasing upload bytes and latency, especially on slow connections.
- How is the byte size measured?
- As the UTF-8 byte length of "name=value". Non-ASCII characters take multiple bytes, so a cookie that looks short can be larger than its character count โ which matters when you are near the 4096-byte limit.
- Do cookie attributes count toward the limit?
- The 4096-byte limit applies to the name and value. Attributes like Path, Domain, Expires, Secure, and SameSite are part of the Set-Cookie header but are generally not counted against the name+value storage limit. This tool measures name=value, the part that counts.
- Are my cookie values uploaded?
- No. All measurement runs in your browser with no network request, so you can safely paste real session cookies to check them.