What happened to EditThisCookie?

EditThisCookie was removed from the Chrome Web Store on 2024-09-28. The community-surfaced explanation is that the maintainer account changed hands and a post-transfer update introduced unwanted monetization that violated Chrome Web Store policy. The original open-source code remains on GitHub, but the store listing is gone, so new users cannot install it and existing users get no updates.

Is EditThisCookie safe to keep using?

We recommend uninstalling. Even if your locally installed copy is the trusted pre-transfer build, it runs on Manifest V2, which Chrome is force-disabling in its stable channel. Once disabled, your data is locked in an extension that no longer runs. And any "EditThisCookie" you reinstall from outside the official store has unverified provenance — a real risk for an extension with cookie access.

Why was EditThisCookie removed and not just updated?

Google removes Chrome Web Store listings when an extension violates policy — in this case, the monetization behavior introduced after the maintainer-account transfer. Removal is not the same as a forced update; Google took down the listing entirely rather than reverting it, which is why there is no "updated EditThisCookie" in the store.

What is the best EditThisCookie alternative?

For a like-for-like cookie editor on Manifest V3, CookieVault Editor reproduces the EditThisCookie workflow (view, edit, export, import) and adds end-to-end encrypted sync and reproducible builds. Cookie-Editor (by Moustachauve) is another actively maintained MV3 option. Both are safe; CookieVault is open source, Cookie-Editor is closed source.

Will my EditThisCookie cookies transfer to a new extension?

Yes, if you export them first. While EditThisCookie is still installed, use its Export → JSON feature. CookieVault Editor (and most modern cookie managers) can import that JSON and restore your cookies with all flags intact. If you have already uninstalled EditThisCookie, you can recreate cookies manually from Chrome DevTools.

Is the EditThisCookie on GitHub safe to build myself?

The original source code on GitHub is open and inspectable, so building it yourself is safer than installing an unverified binary from a third party. However, it still relies on Manifest V2, so a self-built copy will stop working when Chrome fully disables MV2. A Manifest V3 alternative is the durable choice.

Did EditThisCookie steal passwords or data?

There is no broad public confirmation that the post-transfer EditThisCookie exfiltrated passwords. The documented concern was policy-violating monetization behavior, not confirmed credential theft. That said, an extension with cookie access under unknown ownership is a credible risk, which is why the community moved off it quickly.

How do I migrate from EditThisCookie to CookieVault?

Export your cookies from EditThisCookie as JSON, install CookieVault Editor from the Chrome Web Store, open Settings → Import → EditThisCookie JSON, and verify your cookies appear. The full step-by-step migration guide is on our EditThisCookie alternative page.

EditThisCookie is gone — what happened and what to do

TL;DR: EditThisCookie was removed from the Chrome Web Store on 2024-09-28 after the maintainer account was reportedly transferred and a post-transfer update added policy-violating monetization. The original is defunct; the safe path is a Manifest V3 alternative like the open-source CookieVault Editor or the closed-source Cookie-Editor.

The removal of EditThisCookie is one of the most consequential events in Chrome extension history. EditThisCookie was, for nearly a decade, the default cookie editor for millions of Chrome users¹ — and on 2024-09-28 it disappeared from the Chrome Web Store. This post lays out the verifiable timeline, explains why an extension that was trusted for years became a risk, and tells you exactly what to do whether you still have it installed or not.

The timeline

In short: EditThisCookie grew to a multi-million install base over roughly a decade, ran on Manifest V2, and was removed from the Chrome Web Store on 2024-09-28 following a maintainer-account transfer and a controversial post-transfer update. The GitHub source remains; the store listing does not.

The sequence of events, as documented across the developer community²:

Date / period	Event
~2012-2023	EditThisCookie is the dominant Chrome cookie editor, reaching a reported multi-million install base
2019 onward	Google announces and begins the Manifest V3 transition, deprecating MV2³
Pre-2024	The original author, Francesco Capano, transfers the extension to a third party
2024 (post-transfer)	A new update introduces monetization behavior that the community flags as policy-violating
2024-09-28	Google removes EditThisCookie from the Chrome Web Store
2024 onward	”EditThisCookie revival” forks and side-loadable CRX files appear from unverified publishers

The original author has publicly stated that he sold the extension before the problematic updates and was not involved in the changes that led to removal. We do not attribute the removal to him — the point is that maintainer-account transfers are a recognized supply-chain risk for browser extensions, and EditThisCookie is the textbook case.

Why a trusted extension became a risk overnight

In short: Browser extensions have privileged access to your browsing data. An extension trustworthy for years can become a tracking or monetization vector the moment its publisher account changes hands — and users rarely notice the ownership change before the behavior changes.

Three structural reasons this happens, and not just to EditThisCookie:

Privileged access persists across ownership. An extension with the cookies permission keeps that permission after a sale. The new owner inherits access to every cookie on every site you visit.
Auto-update is silent. Chrome updates extensions in the background. A policy-violating update can land without you clicking anything, and the new behavior runs with the permissions you granted the old owner.
Provenance is invisible in the store. The Chrome Web Store listing does not show ownership history. You cannot tell from the store page whether the extension you trusted in 2022 has the same owner in 2024.

This is why open-source code and reproducible builds matter: they make the “the binary does something different from what the source says” attack class detectable.

What to do right now

In short: If you still have EditThisCookie installed, export your data and uninstall. Then pick a Manifest V3 alternative with transparent ownership. Do not reinstall EditThisCookie from outside the official store.

The eight-step safe-migration checklist:

Check if EditThisCookie is still installed — visit chrome://extensions and look for it
If installed, export your cookies first — click the EditThisCookie icon → Export → JSON, and save the file
Uninstall EditThisCookie — click Remove on the chrome://extensions page
Do not reinstall from third-party sources — “EditThisCookie revival” CRX files have unverified provenance
Pick a Manifest V3 alternative — CookieVault Editor (open source) or Cookie-Editor (closed source) are both safe
Install from the official Chrome Web Store — never from a direct download link in a search result
Import your exported JSON — CookieVault Editor: Settings → Import → EditThisCookie JSON
Securely delete the exported JSON once import is verified — plaintext cookies on disk are a credential-leak risk

Which alternative to pick

In short: CookieVault Editor if you want open-source code, encrypted sync, and reproducible builds. Cookie-Editor if you want the smallest possible install and do not need sync. Both are Manifest V3 and actively maintained — avoid unmaintained forks.

A short comparison of the safe options:

CookieVault Editor — MIT open source, Manifest V3, end-to-end encrypted sync, reproducible builds, multi-profile. The closest like-for-like EditThisCookie replacement with added trust signals.
Cookie-Editor (by Moustachauve) — closed source, Manifest V3, actively maintained, smallest footprint. A reasonable choice if source transparency is not a requirement for you.
Unmaintained “revival” forks — avoid. Unknown provenance plus cookie access is exactly the risk that took down the original.

The full migration walk-through with screenshots and a feature-parity matrix is on our EditThisCookie alternative page.

EditThisCookie is gone — what happened and what to do

The timeline

Why a trusted extension became a risk overnight

What to do right now

Which alternative to pick

See also

Footnotes