Rewind, please, because you've raised a much more interesting question than the one you asked. Have you come across search-eninge robots actively using cookies? Even the plainclothes bingbot-- which is as humanoid as the come-- hasn't shown up with cookies yet.

From my understanding mod_rewrite has the ability to create/set cookies, not modify existing ones.

This may be a distinction without a difference. Within mod_rewrite you can read the existing cookie in a RewriteCond and then set a new one using the values of the old one. So even though you're technically defining a new cookie, you don't have to throw away the content of the old one.

One of the stock answers in this subforum is: Explain in English exactly what you want to do. I have a couple of UA-based cookies* myself, but your situation sounds a little more complicated.

Edit: I'd assumed you were asking about outgoing cookies sent with the response header. Are you, instead, asking about incoming cookies arriving with the request header? Brr. (Have to say I don't perfectly understand why messing with the request header would even be necessary, but obviously the capability exists for a reason.)


* At least in theory. I don't think anyone has ever matched the precise combination of circumstances that would trigger the cookie. But it's sitting there in htaccess all the same.