This question already has an answer here:
I'm trying to set a secure session for a login interface and I'm checking if some hashed value saved on the $_COOKIE and in $_SESSION matches in both arrays. I need to change the value of the cookie via javascript to simulate an attack and check if my secure session works (if that is even possible, of course). Deleting the cookie wont work because I have a different validation for when the cookies doesnt exist.
Is it possible to modify a cookie's value via javascript and if so, how to?
</div>
Is it possible to modify a cookie's value via javascript and if so, how to?
Yes. Provided it lives under the same domain and path, you can ready, modify, create, or destroy cookies either by JavaScript (document.cookie) or PHP ($_COOKIE and set_cookie()).
As noted, you could also manipulate cookies via the developer tools of most modern browsers.
Since cookies are actually stored within the browser, it is definitely possible :)
https://developer.mozilla.org/en-US/docs/Web/API/document.cookie