How to Automatically Delete Cookies (2026)

Managing cookies in Chrome is essential for privacy, security, and testing web applications. While manual cookie deletion works, automating the process saves time and ensures consistent hygiene. This guide covers multiple approaches to automatically delete cookies in Chrome, ranging from browser settings to command-line automation.

Chrome stores cookies in a SQLite database located in your user profile directory. The exact path varies by operating system:

  • Windows: %LOCALAPPDATA%\Google\Chrome\User Data\Default\Cookies
  • macOS: ~/Library/Application Support/Google/Chrome/Default/Cookies
  • Linux: ~/.config/google-chrome/Default/Cookies

Each cookie contains a name, value, domain, path, expiration, and security flags. Understanding this structure helps when automating cookie management.

Not all cookies deserve the same treatment. Before automating deletion, it helps to understand the categories:

  • Session cookies: No expiration date set. Chrome deletes these when the browser closes, though some persist if Chrome restores sessions on next launch.
  • Persistent cookies: Have an explicit expiration date. These survive browser restarts and accumulate over time.
  • Third-party cookies: Set by domains other than the one you’re visiting. Primarily used for tracking and advertising.
  • Secure cookies: Only transmitted over HTTPS. Deleting these forces re-authentication on secure sites.
  • HttpOnly cookies: Inaccessible to JavaScript. Deletion via CDP or direct file manipulation is the only programmatic route.

Most privacy-focused automation targets third-party persistent cookies while leaving first-party session cookies intact to preserve login state. Keep this distinction in mind as you choose your approach.

Chrome offers native settings to automatically delete cookies after a certain period. This requires Chrome 86 or later.

Steps to enable automatic cookie deletion:

  1. Open Chrome and navigate to chrome://settings/cookies
  2. Click “See all cookies and site data”
  3. Select “Keep local data only until you quit browser” for session-only cookies
  4. Or use “Delete cookies and site data when Chrome closes” under the general cookie settings

This approach works for users who want simple, no-code solutions. However, it lacks granularity, you cannot selectively delete certain cookies while keeping others.

Limitations of the built-in approach

The built-in setting is all-or-nothing. When you enable “Delete cookies when Chrome closes,” Chrome also deletes localStorage, sessionStorage, and IndexedDB data. If you use password managers that store data locally, or if web apps you rely on store preferences in localStorage, this setting will wipe those too.

For most end users who primarily want privacy cleanup, this trade-off is acceptable. For developers who need finer control, the methods below offer more precision.

Chrome’s experimental features include options for stricter cookie management. Navigate to chrome://flags/#cookie-controls to find:

  • Cookie Controls: Enable strict or moderate cookie blocking
  • Expiration-based cookie deletion: Automatically removes cookies older than a specified number of days

These flags change frequently as Chrome evolves, so check for updates if a flag disappears.

Using chrome://flags responsibly

Experimental flags are not stable features. Google ships them to gather usage data and may remove or change them without notice. If a flag-based workflow is central to your testing pipeline, document it and build a fallback. A good practice is to verify flag availability as part of your CI setup:

Check if a flag is available in the current Chrome version
google-chrome --version
If version < expected, fall back to CDP-based deletion

For production automation, prefer the CDP-based methods below over flags.

Method 3: Using Chrome DevTools Protocol for Automation

For developers, the Chrome DevTools Protocol (CDP) provides programmatic control over cookies. You can use this with Puppeteer, Playwright, or direct WebSocket connections.

Deleting cookies with Puppeteer:

const puppeteer = require('puppeteer');
async function clearAllCookies() {
 const browser = await puppeteer.launch();
 const page = await browser.newPage();
 // Delete all cookies
 const client = await page.target().createCDPSession();
 await client.send('Network.clearAllCookies');
 await browser.close();
}
clearAllCookies();

Deleting cookies for specific domains:

async function deleteCookiesForDomain(page, domain) {
 const client = await page.target().createCDPSession();
 const cookies = await client.send('Network.getAllCookies');
 const domainCookies = cookies.cookies.filter(
 cookie => cookie.domain.includes(domain)
 );
 for (const cookie of domainCookies) {
 await client.send('Network.deleteCookie', {
 name: cookie.name,
 domain: cookie.domain
 });
 }
}

This approach integrates well with automated testing workflows, ensuring each test starts with a clean cookie state.

Playwright equivalent

If you use Playwright instead of Puppeteer, the cookie API is slightly different but equally capable:

const { chromium } = require('playwright');
async function clearCookiesPlaywright() {
 const browser = await chromium.launch();
 const context = await browser.newContext();
 // Clear all cookies for the browser context
 await context.clearCookies();
 // Or clear cookies for a specific domain only
 const cookies = await context.cookies();
 const trackingCookies = cookies.filter(c =>
 c.domain.endsWith('.doubleclick.net') ||
 c.domain.endsWith('.googlesyndication.com')
 );
 // Playwright does not have a bulk delete by domain,
 // so re-set remaining cookies after filtering
 const cleanCookies = cookies.filter(c => !trackingCookies.includes(c));
 await context.clearCookies();
 await context.addCookies(cleanCookies);
 await browser.close();
}

Playwright’s context.clearCookies() also accepts a { name, domain, path } filter object in recent versions, making domain-scoped deletion cleaner than the Puppeteer approach.

Using CDP directly over WebSocket

If you are running Chrome with remote debugging enabled and want to control it without a Node.js library:

Launch Chrome with remote debugging
google-chrome --remote-debugging-port=9222 --user-data-dir=/tmp/chrome-profile

import websockets
import asyncio
import json
async def clear_cookies():
 # Get the debugger URL
 import urllib.request
 data = json.loads(urllib.request.urlopen('http://localhost:9222/json').read())
 ws_url = data[0]['webSocketDebuggerUrl']
 async with websockets.connect(ws_url) as ws:
 await ws.send(json.dumps({
 'id': 1,
 'method': 'Network.clearAllCookies'
 }))
 response = await ws.recv()
 print(f"Cleared cookies: {response}")
asyncio.run(clear_cookies())

This Python approach works when your automation stack is not Node.js-based, or when you need to control an already-running Chrome instance without launching a new one.

You can launch Chrome with flags to delete cookies on exit or restrict cookie storage. Create a dedicated profile for automated tasks:

macOS - Launch Chrome with cookie deletion on exit
open -a "Google Chrome" --args \
 --disable-features=NetworkService \
 --enable-features=PrivacySettingsRevamp \
 --incognito \
 --disable-cookies \
 --purge-cookie-store

The --purge-cookie-store flag forces Chrome to clear all cookies on startup. Combine this with automation scripts to create scheduled cookie deletion.

Creating isolated Chrome profiles for testing

A cleaner approach than modifying your default profile is creating a dedicated automation profile. This keeps your personal browsing data untouched:

Create a dedicated automation profile directory
mkdir -p ~/chrome-automation-profile
Launch Chrome with the dedicated profile
google-chrome \
 --user-data-dir="$HOME/chrome-automation-profile" \
 --no-first-run \
 --no-default-browser-check \
 --disable-background-networking \
 --safebrowsing-disable-auto-update

You can then delete the entire profile directory between test runs for a completely clean state:

Reset automation profile before each test suite
rm -rf ~/chrome-automation-profile && mkdir -p ~/chrome-automation-profile

This is more thorough than cookie deletion alone. it also clears localStorage, IndexedDB, cached resources, and service worker registrations.

Method 5: PowerShell Script for Windows Users

Windows users can use PowerShell to delete Chrome cookies directly from the database. This bypasses the browser interface entirely.

Delete Chrome cookies on Windows
$chromePath = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Cookies"
if (Test-Path $chromePath) {
 # Close Chrome first to avoid database locks
 Stop-Process -Name "chrome" -Force -ErrorAction SilentlyContinue
 # Delete the cookies database
 Remove-Item -Path $chromePath -Force
 Write-Host "Chrome cookies deleted successfully"
}

For scheduled execution, create a Windows Task Scheduler task:

Create a scheduled task to delete cookies daily
$action = New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-File C:\Scripts\Clear-ChromeCookies.ps1"
$trigger = New-ScheduledTaskTrigger -Daily -At "3AM"
Register-ScheduledTask -Action $action -Trigger $trigger -Name "Daily Chrome Cookie Cleanup"

Selective deletion using SQLite on Windows

If you want to delete only third-party or expired cookies rather than the entire database, you can query the SQLite file directly. Install the SQLite CLI or use the System.Data.SQLite .NET library:

Requires SQLite tools installed: https://www.sqlite.org/download.html
$chromePath = "$env:LOCALAPPDATA\Google\Chrome\User Data\Default\Cookies"
$sqlitePath = "C:\tools\sqlite3.exe"
Close Chrome first
Stop-Process -Name "chrome" -Force -ErrorAction SilentlyContinue
Delete expired cookies only
& $sqlitePath $chromePath "DELETE FROM cookies WHERE expires_utc < strftime('%s','now') * 1000000 + 11644473600000000;"
Delete third-party tracking cookies by known domains
& $sqlitePath $chromePath "DELETE FROM cookies WHERE host_key LIKE '%.doubleclick.net' OR host_key LIKE '%.googlesyndication.com';"
Write-Host "Selective cookie cleanup complete"

This preserves your first-party login cookies while removing trackers and expired entries.

macOS equivalent using shell script

#!/bin/bash
CHROME_COOKIES=~/Library/Application\ Support/Google/Chrome/Default/Cookies
Quit Chrome gracefully
osascript -e 'quit app "Google Chrome"'
sleep 2
Delete the Cookies database (SQLite file)
if [ -f "$CHROME_COOKIES" ]; then
 rm "$CHROME_COOKIES"
 echo "Cookies deleted."
else
 echo "Cookies file not found."
fi

Add this script to a launchd plist or cron job to run it on a schedule.

Method 6: Browser Extension for Manual Control

Several Chrome extensions provide UI-based cookie management with scheduling options. However, for security and privacy reasons, prefer extensions with open-source code and minimal permissions.

When choosing extensions, look for:

  • Minimal permission requirements
  • No data transmission to external servers
  • Scheduling capabilities
  • Domain-specific deletion options

Evaluating extension permissions

A cookie management extension legitimately needs the cookies permission and tabs or <all_urls> to read the current site’s domain. It does not need history, identity, or webRequest. If an extension requests those, it is collecting more data than it needs for cookie management.

Before installing, check the Chrome Web Store listing for the source repository link. An open-source extension with active maintenance and a public issue tracker is a significantly safer choice than a closed-source one.

Method 7: Using the Clear Browsing Data API

Chrome exposes a clear browsing data API that extensions can use. Create a simple extension for custom cookie deletion:

// background.js - Chrome Extension
chrome.browsingData.remove({
 "origins": ["https://example.com"]
}, {
 "cookies": true
}, function() {
 console.log("Cookies for example.com deleted");
});

The extension manifest requires the browsingData permission:

{
 "manifest_version": 3,
 "name": "Cookie Cleaner",
 "version": "1.0",
 "permissions": ["browsingData"],
 "background": {
 "service_worker": "background.js"
 }
}

Adding an alarm-based scheduler to the extension

A basic extension becomes much more useful when you add automatic scheduling. Chrome’s alarms API fires at defined intervals even when no browser tab is open:

// background.js - scheduled cookie cleanup
chrome.runtime.onInstalled.addListener(() => {
 // Schedule cleanup every 24 hours
 chrome.alarms.create('cookieCleanup', {
 delayInMinutes: 1,
 periodInMinutes: 1440
 });
});
chrome.alarms.onAlarm.addListener((alarm) => {
 if (alarm.name === 'cookieCleanup') {
 chrome.browsingData.remove({
 since: Date.now() - (7 * 24 * 60 * 60 * 1000) // older than 7 days
 }, {
 cookies: true
 }, () => {
 console.log('Weekly cookie cleanup complete');
 });
 }
});

Update the manifest to include the alarms permission:

{
 "manifest_version": 3,
 "name": "Scheduled Cookie Cleaner",
 "version": "1.1",
 "permissions": ["browsingData", "alarms"],
 "background": {
 "service_worker": "background.js"
 }
}

This runs without any user interaction and survives browser restarts because Chrome re-registers alarm listeners when the service worker wakes.

Method Comparison

Method Technical level Granularity Scheduled Cross-platform
Built-in settings None Low (all or nothing) On browser close Yes
Chrome flags Low Low No Yes
Puppeteer/Playwright Medium High Via cron/CI Yes
CDP via WebSocket High High External scheduler Yes
PowerShell + SQLite Medium High Task Scheduler Windows only
Shell script Low Low (full delete) cron/launchd macOS/Linux
Extension + alarms API Medium Medium Built-in Yes (Chrome)

For most developers, the Puppeteer or Playwright approach (Method 3) hits the right balance: high granularity, easy scheduling inside test runners, and no OS-specific setup. For non-developers who want automated cleanup without writing code, the built-in settings (Method 1) combined with a scheduled extension (Method 7) covers the use case well.

Security Considerations

When automating cookie deletion, consider these security practices:

  1. Close the browser before deleting cookie files to prevent database corruption
  2. Back up cookies if you need to restore sessions after deletion
  3. Use dedicated profiles for automation to avoid affecting your main browsing data
  4. Test scripts in a non-production environment first

Automated cookie deletion in testing pipelines can inadvertently delete authentication tokens that your test suite depends on for subsequent requests. Always capture required auth tokens before clearing cookies if your test flow requires authentication:

// Save auth cookie before clearing
const cookies = await context.cookies();
const authCookie = cookies.find(c => c.name === 'session_token');
await context.clearCookies();
// Restore only the auth cookie
if (authCookie) {
 await context.addCookies([authCookie]);
}

This pattern is common in test setups where you need a clean third-party cookie state but still need your test user to remain authenticated.

  • Security testing: Ensure no residual session data between tests
  • Privacy compliance: Automatically clear tracking cookies after browsing sessions
  • Development workflows: Reset application state between automated tests
  • Shared workstations: Maintain privacy on machines with multiple users

Automated cookie deletion supports GDPR compliance workflows. If your organization runs audits to verify that tracking cookies are not persisting beyond their consented lifetime, scheduled deletion scripts provide an audit trail. The PowerShell script combined with Task Scheduler, for example, logs each deletion run to a file you can include in compliance reports:

$logPath = "C:\Logs\cookie-cleanup.log"
$timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss"
Add-Content -Path $logPath -Value "$timestamp - Chrome cookies deleted"

For teams subject to regular privacy audits, this kind of instrumentation is worth the minor additional setup.

Conclusion

Chrome provides multiple pathways to automatically delete cookies, from simple browser settings to advanced automation scripts. Choose the method that matches your technical comfort level and use case requirements. For developers, integrating cookie cleanup into testing pipelines ensures consistent, reliable results.

Try it: Paste your error into our Error Diagnostic for an instant fix.

I'm a solo developer in Vietnam. 50K Chrome extension users. $500K+ on Upwork. 5 Claude Max subscriptions running agent fleets in parallel. These are my actual CLAUDE.md templates, orchestration configs, and prompts. Not a course. Not theory. The files I copy into every project before I write a line of code. **[See what's inside →](https://zovo.one/lifetime?utm_source=ccg&utm_medium=cta-default&utm_campaign=chrome-delete-cookies-automatically)** $99 once. Free forever. 47/500 founding spots left.

Related Reading

Built by theluckystrike. More at zovo.one

Find the right skill → Browse 155+ skills in our Skill Finder.