WebDriverIO MCP Server

Official

by webdriverio

Overview Schema Related Servers Score Discussions

TypeScript

Local

set_cookie

Idempotent

Sets a browser cookie on the active session to inject session tokens or feature flags without requiring login flows.

Instructions

Sets a browser cookie on the active session. The browser must already be on the target domain — cookies cannot be set cross-domain. Use to inject session tokens or feature flags without login flows.

Input Schema

TableJSON Schema

Name	Required	Description
`name`	Yes	Cookie name
`value`	Yes	Cookie value
`domain`	No	Cookie domain (defaults to current domain)
`path`	No	Cookie path (defaults to "/")
`expiry`	No	Expiry date as Unix timestamp in seconds
`httpOnly`	No	HttpOnly flag
`secure`	No	Secure flag
`sameSite`	No	SameSite attribute

Implementation Reference

src/tools/cookies.tool.ts:24-49 (handler)

The setCookieTool function is the handler for the 'set_cookie' tool. It extracts cookie parameters (name, value, domain, path, expiry, httpOnly, secure, sameSite), calls getBrowser() to get the active browser session, and uses browser.setCookies() to set the cookie. Returns success message or error.

export const setCookieTool: ToolCallback = async ({
  name,
  value,
  domain,
  path = '/',
  expiry,
  httpOnly,
  secure,
  sameSite,
}: Cookie): Promise<CallToolResult> => {
  try {
    const cookie: Cookie = { name, value, path, domain, expiry, httpOnly, secure, sameSite };
    const { getBrowser } = await import('../session/state');
    const browser = getBrowser();
    await browser.setCookies(cookie);

    return {
      content: [{ type: 'text', text: `Cookie "${name}" set successfully` }],
    };
  } catch (e) {
    return {
      isError: true,
      content: [{ type: 'text', text: `Error setting cookie: ${e}` }],
    };
  }
};

src/tools/cookies.tool.ts:8-22 (schema)

The setCookieToolDefinition defines the 'set_cookie' tool schema with name, description, annotations, and inputSchema (Zod validation) specifying parameters: name (string), value (string), domain (optional string), path (optional string), expiry (optional number), httpOnly (optional coerced boolean), secure (optional coerced boolean), sameSite (optional enum: strict/lax/none).

export const setCookieToolDefinition: ToolDefinition = {
  name: 'set_cookie',
  description: 'Sets a browser cookie on the active session. The browser must already be on the target domain — cookies cannot be set cross-domain. Use to inject session tokens or feature flags without login flows.',
  annotations: { title: 'Set Cookie', destructiveHint: false, idempotentHint: true },
  inputSchema: {
    name: z.string().describe('Cookie name'),
    value: z.string().describe('Cookie value'),
    domain: z.string().optional().describe('Cookie domain (defaults to current domain)'),
    path: z.string().optional().describe('Cookie path (defaults to "/")'),
    expiry: z.number().optional().describe('Expiry date as Unix timestamp in seconds'),
    httpOnly: coerceBoolean.optional().describe('HttpOnly flag'),
    secure: coerceBoolean.optional().describe('Secure flag'),
    sameSite: z.enum(['strict', 'lax', 'none']).optional().describe('SameSite attribute'),
  },
};

src/server.ts:137-137 (registration)
Registration of the set_cookie tool in the MCP server: registerTool(setCookieToolDefinition, setCookieTool) at line 137, imported from ./tools/cookies.tool on lines 16-21.
```
registerTool(setCookieToolDefinition, setCookieTool);
```

src/utils/zod-helpers.ts:3-11 (helper)

The coerceBoolean helper used in the schema to accept boolean, string 'true'/'false'/'0'/'1', or truthy values and convert them to proper booleans via Zod preprocessing.

export const coerceBoolean = z.preprocess((val) => {
  if (typeof val === 'boolean') return val;
  if (typeof val === 'string') {
    if (val === 'false' || val === '0') return false;
    if (val === 'true' || val === '1') return true;
    return Boolean(val);
  }
  return val;
}, z.boolean());

src/session/state.ts:18-24 (helper)

The getBrowser() helper retrieves the active browser session from the state map, used by setCookieTool to obtain the browser instance for calling setCookies().

export function getBrowser(): WebdriverIO.Browser {
  const browser = state.browsers.get(state.currentSession);
  if (!browser) {
    throw new Error('No active browser session');
  }
  return browser;
}

Tool Definition Quality

A4.2/5.0

Behavior4/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

The description adds the important behavioral constraint of same-domain requirement, which is not captured by annotations (readOnlyHint=false, destructiveHint=false, idempotentHint=true). It does not contradict annotations. Could mention that setting a cookie overwrites existing ones with the same name, but that is implied.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

Two sentences, highly concise and front-loaded with the action. Every sentence adds value; no wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the schema fully describes all 8 parameters and no output schema exists, the description adequately covers purpose, constraint, and use cases. It is complete for an agent to invoke correctly.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100%, so the baseline is 3. The description adds minimal meaning beyond the schema (e.g., the use case of injecting tokens does not elaborate on parameters). No parameter-specific guidance is provided.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

Clearly states the action ('Sets a browser cookie'), the resource ('on the active session'), and distinguishes it from siblings like get_cookies and delete_cookies. The description also provides concrete use cases (inject session tokens or feature flags).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

Explicitly notes a key constraint ('browser must already be on the target domain') and gives a clear usage scenario ('inject session tokens or feature flags without login flows'). However, it does not explicitly exclude alternatives or state when not to use, but the context is clear enough for an AI agent.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/webdriverio/mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server