Export & import full browser sessions β cookies, localStorage, sessionStorage, IndexedDB β with automatic cross-domain discovery.
Sessioner is a Firefox extension that lets you clone your logged-in session from one browser to another. Export your account state on Browser A, import it on Browser B, and you're logged in without re-authenticating.
It passively monitors network requests to automatically discover related domains (APIs, CDNs, auth providers) so you never miss a cookie.
| Data Type | Method | Scope |
|---|---|---|
| πͺ Cookies | browser.cookies API (includes httpOnly) |
Domain + all discovered subdomains |
| π¦ localStorage | Content script | Origin |
| π sessionStorage | Content script | Origin |
| ποΈ IndexedDB | Content script (full schema + records) | Origin |
All data is saved as a single .json file.
Most sites talk to multiple domains β APIs, auth servers, CDNs. Sessioner's DomainTracker passively monitors webRequest traffic to build a live map of every domain each site communicates with.
When you export, cookies are captured for all discovered domains, not just the one in your URL bar.
example.com β api.example.com, auth.example-cdn.com, cdn.example.io, ...
- π Learns automatically as you browse β no configuration needed
- πΎ Persisted across browser restarts (30-day TTL)
- π·οΈ Visible in the popup as domain tags
β οΈ Requires a Firefox variant that allows unsigned extensions (e.g. Firefox Developer Edition, Firefox Nightly, or unbranded builds). Setxpinstall.signatures.requiredtofalseinabout:config.
- Download the latest
sessioner-*.zipfrom Releases - Open Firefox β
about:addons(orCtrl+Shift+A) - Click the βοΈ gear icon β "Install Add-on From File..."
- Select the downloaded
.zipfile
- Navigate to the site you want to export
- Click the Sessioner icon in the toolbar
- Click Export Session β saves a
.jsonfile
- On another browser/profile, navigate to the same site
- Click Sessioner β Import Session (opens a dedicated import page)
- Select or drag & drop the
.jsonfile - Refresh the page β you should be logged in
Popup click β Background script β
1. Cookies: browser.cookies API for all discovered domains
2. Storage: content script reads localStorage + sessionStorage
3. IndexedDB: content script exports full schema + records
4. Download: single .json file
Import page β reads .json β stores in browser.storage.local β
Background script β
1. Cookies: browser.cookies.set() per cookie
2. Storage: content script writes localStorage + sessionStorage
3. IndexedDB: navigate to clean page β inject content script β
import DBs with no lock conflicts β navigate back
Sites (especially SPAs) hold IndexedDB connections open. Sessioner handles this by:
βοΈ Navigating the tab to a minimal same-origin page (releases all JS/IDB connections)- π Injecting the content script early (
document_start) - β Running IDB import with zero competing connections
- β©οΈ Navigating back to the original URL
Service worker databases (workbox-*) are automatically skipped β they're infrastructure, not user data.
Exported session files contain sensitive authentication data (session tokens, cookies, API keys). Treat them like passwords.
- β Don't share export files publicly
- ποΈ Delete them after use
- βοΈ Don't store them unencrypted in cloud storage
| Permission | Why |
|---|---|
cookies |
Read/write cookies (including httpOnly) |
tabs |
Get active tab URL, navigate for IDB import |
activeTab |
Access current tab |
downloads |
Save export file |
storage |
Persist domain tracker + import data transfer |
webRequest |
Passive domain discovery |
<all_urls> |
Content scripts + cookie access on any site |
# Lint with web-ext
npx web-ext lint --source-dir .
# Run in Firefox with auto-reload
npx web-ext run --source-dir .Requirements: Firefox 109+ Β· Manifest V2 Β· No build step
MIT