InternetGetCookieEx function

The InternetGetCookieEx function retrieves data stored in cookies associated with a specified URL. Unlike InternetGetCookie, InternetGetCookieEx can be used to restrict data retrieved to a single cookie name or, by policy, associated with untrusted sites or third-party cookies.


BOOL InternetGetCookieEx(
  _In_        LPCTSTR lpszURL,
  _In_        LPCTSTR lpszCookieName,
  _Inout_opt_ LPTSTR  lpszCookieData,
  _Inout_     LPDWORD lpdwSize,
  _In_        DWORD   dwFlags,
  _In_        LPVOID  lpReserved


lpszURL [in]

A pointer to a null-terminated string that contains the URL with which the cookie to retrieve is associated. This parameter cannot be NULL or InternetGetCookieEx fails and returns an ERROR_INVALID_PARAMETER error.

lpszCookieName [in]

A pointer to a null-terminated string that contains the name of the cookie to retrieve. This name is case-sensitive.

lpszCookieData [in, out, optional]

A pointer to a buffer to receive the cookie data.

lpdwSize [in, out]

A pointer to a DWORD variable.

On entry, the variable must contain the size, in TCHARs, of the buffer pointed to by the pchCookieData parameter.

On exit, if the function is successful, this variable contains the number of TCHARs of cookie data copied into the buffer. If NULL was passed as the lpszCookieData parameter, or if the function fails with an error of ERROR_INSUFFICIENT_BUFFER, the variable contains the size, in BYTEs, of buffer required to receive the cookie data.

This parameter cannot be NULL or InternetGetCookieEx fails and returns an ERROR_INVALID_PARAMETER error.

dwFlags [in]

A flag that controls how the function retrieves cookie data. This parameter can be one of the following values.


Enables the retrieval of cookies that are marked as "HTTPOnly".

Do not use this flag if you expose a scriptable interface, because this has security implications. It is imperative that you use this flag only if you can guarantee that you will never expose the cookie to third-party code by way of an extensibility mechanism you provide.

Version:  Requires Internet Explorer 8.0 or later.


Retrieves only third-party cookies if policy explicitly allows all cookies for the specified URL to be retrieved.


Retrieves only cookies that would be allowed if the specified URL were untrusted; that is, if it belonged to the URLZONE_UNTRUSTED zone.


lpReserved [in]

Reserved for future use. Set to NULL.

Return value

If the function succeeds, the function returns TRUE.

If the function fails, it returns FALSE. To get a specific error value, call GetLastError.

If NULL is passed to lpszCookieData, the call will succeed and the function will not set ERROR_INSUFFICIENT_BUFFER.

The following error codes may be set by this function.

Return codeDescription

Returned if cookie data retrieved is larger than the buffer size pointed to by the pcchCookieData parameter or if that parameter is NULL.


Returned if either the pchURL or the pcchCookieData parameter is NULL.


Returned if no cookied data as specified could be retrieved.



Note  WinINet does not support server implementations. In addition, it should not be used from a service. For server implementations or services use Microsoft Windows HTTP Services (WinHTTP).


Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]







Unicode and ANSI names

InternetGetCookieExW (Unicode) and InternetGetCookieExA (ANSI)

See also

HTTP Cookies
Managing Cookies
WinINet Functions