nothing-cookiesinject
v1.0.2
Published
nothing-browser plugin — injects cookies before page JS runs via the C++ PiggyCookieInject engine, fixing the WAWeb auth race condition
Maintainers
Readme
nothing-cookiesinject
Injects cookies from a JSON file into the browser before page JS runs, solving the WhatsApp Web authentication race condition that SessionManager alone cannot fix.
The C++ side (PiggyCookieInject) hooks loadStarted — not loadFinished — so cookies are in the store before WAWeb's WebSocket auth check fires.
Install
npm install nothing-cookiesinjectUsage
const piggy = require('nothing-browser').default;
const cookiesinject = require('nothing-cookiesinject');
const fs = require('fs');
await piggy.launch({ mode: 'tab', binary: 'headless' });
await piggy.register('whatsapp', 'https://web.whatsapp.com', { single: true });
await piggy.extend(
cookiesinject({ cookieFile: './wa-cookies.json' })
);
// Save cookies after first authentication so they're available on next restart
piggy.whatsapp.on('authenticated', async () => {
const cookies = await piggy.whatsapp.cookies.list();
fs.writeFileSync('./wa-cookies.json', JSON.stringify(cookies, null, 2));
console.log('Cookies saved — next restart will skip the QR code');
});
piggy.whatsapp.on('cookies:injected', (d) =>
console.log(`${d.count} cookies injected (${d.skipped} skipped)`)
);
await piggy.whatsapp.navigate();Options
| Option | Type | Default | Description |
|---|---|---|---|
| cookieFile | string | './wa-cookies.json' | Path to the cookies JSON file |
| onInjected | function | — | Called every time C++ injects cookies |
Events
| Event | Data | When |
|---|---|---|
| cookies:injected | { tabId, count, skipped, file } | Every page load — C++ injected cookies before WAWeb booted |
API (site.cookieinject)
// Re-read file and inject into current tab right now
await piggy.whatsapp.cookieinject.reload();
// Check plugin status
const status = await piggy.whatsapp.cookieinject.status();
// { active: true, file: './wa-cookies.json', injected: 14 }
// Swap cookie file without restarting
await piggy.whatsapp.cookieinject.setFile('./backup-cookies.json');Cookie file format
The file must be a JSON array. Domain must have a leading dot:
[
{
"name": "sid",
"value": "abc123",
"domain": ".whatsapp.net",
"path": "/",
"secure": true,
"httpOnly": true,
"expires": 1735689600
}
]⚠️
.whatsapp.netnotwhatsapp.net— the C++ normalises this automatically, but your exported file should already have the dot to avoid confusion.
Notes
- To force a fresh QR scan: call
site.storage.clear()before navigating (requiresnothing-innerstorage) - This plugin was made upon request — report any issues found
- This plugin is tailored specifically for WhatsApp sessions. You can use it on other sites but there is no guarantee it will work, and that is not a bug. A general-purpose
nothing-storageplugin will be released in the future to solve that - Do not call
session.reload()alongside this plugin — it injects at the wrong timing and will conflict - On first run, if
wa-cookies.jsondoes not exist yet, the plugin loads silently and activates automatically once the file appears after your first QR scan
