Skip to main content

Save Cookies

Encrypts and saves browser cookies to a secure file using AES encryption. This node is essential for preserving authenticated browser sessions between automation runs.

Common Properties

  • Name - The custom name of the node.
  • Color - The custom color of the node.
  • Delay Before (sec) - Waits in seconds before executing the node.
  • Delay After (sec) - Waits in seconds after executing node.
  • Continue On Error - Automation will continue regardless of any error. The default value is false.
info

If the ContinueOnError property is true, no error is caught when the project is executed, even if a Catch node is used.

Inputs

  • Save Path - Path where the encrypted cookie file will be saved. Must be a valid file path. Example: C:\cookies\session.dat or /home/user/cookies/session.dat
  • Cookies - Array of cookie objects to encrypt and save. Typically obtained from the Get Cookies node in the Browser package.

Options

  • AES Key - AES encryption key in hexadecimal format for encryption. Must be a valid 16, 24, or 32-byte hex string (32, 48, or 64 hex characters) for AES-128, AES-192, or AES-256 respectively. Store this key securely in a Vault credential.

How It Works

The Save Cookies node performs the following operations:

  1. Validates the save path and cookies input
  2. Converts browser cookies to a standardized JSON format
  3. Serializes the cookies to JSON
  4. Retrieves the AES encryption key from credentials
  5. Encrypts the cookie data using AES-CBC with PKCS7 padding
  6. Writes the encrypted data to the specified file

Each cookie object should contain the following properties:

  • name - Cookie name (required)
  • value - Cookie value (required)
  • domain - Domain for which the cookie is valid
  • path - Path within the domain
  • expires - Expiration timestamp in RFC3339 format
  • maxAge - Maximum age in seconds
  • secure - Boolean indicating if cookie is secure (HTTPS only)
  • httpOnly - Boolean indicating if cookie is HTTP only (not accessible via JavaScript)
  • sameSite - SameSite attribute (0=None, 1=Lax, 2=Strict)

Examples

Example 1: Save Session After Login

// After logging into a website, save the session cookies
// 1. Use Open Browser to navigate and login
// 2. Use Get Cookies to retrieve session cookies
// 3. Use Save Cookies to store them securely

// The cookies from Get Cookies are automatically available in msg.cookies
// Save Path: C:\sessions\linkedin-session.dat
// AES Key: Use a vault credential with a 64-character hex key

Example 2: Save Multiple Domain Cookies

// Save cookies from multiple domains after complex authentication
// The Get Cookies node returns all cookies from the current page
// These can include cookies from multiple domains

// Save Path: /home/user/sessions/multi-domain-session.dat
// Cookies: msg.cookies (from Get Cookies node)
// AES Key: {{vault.session_encryption_key}}

Example 3: Periodic Session Backup

// Periodically save session during long-running automation
// This allows resuming if the automation is interrupted

// Save Path: C:\temp\backup-session-{{datetime}}.dat
// Cookies: msg.cookies
// AES Key: {{vault.backup_key}}

Best Practices

Security

  • Use Vault Credentials: Always store AES keys in Robomotion's Vault, never hardcode them
  • Use Strong Keys: Generate random 32-byte (256-bit) keys for maximum security
  • Unique Keys per Project: Use different encryption keys for different projects or environments
  • Secure Storage: Store encrypted cookie files in protected directories with appropriate permissions

Key Generation

To generate a secure AES key, you can use:

Python:

import secrets
key = secrets.token_hex(32)  # Generates a 64-character hex string for AES-256
print(key)

Node.js:

const crypto = require('crypto');
const key = crypto.randomBytes(32).toString('hex');
console.log(key);

Online Tools: Use a cryptographically secure random hex generator

File Management

  • Descriptive Names: Use descriptive file names like linkedin-session.dat or gmail-cookies.dat
  • Organized Storage: Keep cookie files organized by project or purpose
  • Regular Cleanup: Delete old or unused cookie files
  • Backup Important Sessions: Keep backups of critical authenticated sessions

Workflow Integration

  • After Authentication: Save cookies immediately after successful login
  • Before Critical Operations: Save cookies before long-running or risky operations
  • Session Validation: Combine with error handling to re-authenticate if cookies are invalid
  • Periodic Updates: For long-running bots, periodically update saved cookies to capture refreshed tokens

Error Handling

The node will return specific errors in the following cases:

  • ErrInvalidArg: "Path cannot be empty" - No save path provided
  • ErrInvalidArg: "Failed to get cookies" - Invalid or missing cookies input
  • ErrRuntime: "Failed to convert cookies" - Cookies are not in the expected format
  • ErrRuntime: "Failed to serialize cookies" - Error converting cookies to JSON
  • ErrCredentials: "Failed to get AES key" - AES key credential not found or inaccessible
  • ErrCredentials: "AES key not found in credentials" - Credential doesn't contain the key value
  • ErrInvalidArg: "Invalid hex key format" - AES key is not valid hexadecimal
  • ErrRuntime: "Failed to encrypt cookies" - Encryption operation failed
  • ErrRuntime: "Failed to write cookie file" - Cannot write to the specified path (permission denied, directory doesn't exist, etc.)

Common Issues and Solutions

Issue: "Invalid hex key format"

Cause: The AES key is not in valid hexadecimal format

Solution: Ensure your key contains only characters 0-9 and a-f, with length 32, 48, or 64 characters

Cause: The directory doesn't exist or insufficient permissions

Solution:

  • Verify the directory exists (create it if necessary)
  • Check write permissions for the directory
  • Use absolute paths instead of relative paths

Issue: Cookies Not Working After Loading

Cause: Cookies may have expired or are domain-specific

Solution:

  • Save cookies immediately after login while they're fresh
  • Ensure you're loading cookies for the same domain
  • Check cookie expiration times

Issue: "Failed to convert cookies"

Cause: Cookie data is not in the expected array format

Solution:

  • Verify cookies come from the Get Cookies node
  • Check that msg.cookies is an array of cookie objects
  • Ensure cookie objects have name and value properties

Usage Notes

  • The encrypted file is in binary format and cannot be read without the correct AES key
  • Cookie files are platform-independent and can be used across Windows, Linux, and macOS
  • The same AES key used to save cookies must be used to load them
  • Cookies include session tokens, authentication data, and preferences
  • Large numbers of cookies (100+) will create larger encrypted files but are handled efficiently
  • The node uses AES-CBC mode with random IV (Initialization Vector) for each encryption
  • Each save operation creates a new encrypted file; it doesn't append to existing files
  • Load Cookies - Load and decrypt cookies from an encrypted file
  • Get Cookies - Retrieve cookies from a browser session
  • Set Cookies - Set cookies in a browser session
  • Open Browser - Open a browser for web automation