diff --git a/src/net/http/cookie.go b/src/net/http/cookie.go
index 6e1035330b..1810790ac3 100644
--- a/src/net/http/cookie.go
+++ b/src/net/http/cookie.go
@@ -70,6 +70,7 @@ func readSetCookies(h Header) []*Cookie {
 		}
 		parts[0] = textproto.TrimString(parts[0])
 		name, value, ok := strings.Cut(parts[0], "=")
+		name = textproto.TrimString(name)
 		if !ok {
 			continue
 		}
@@ -291,6 +292,7 @@ func readCookies(h Header, filter string) []*Cookie {
 				continue
 			}
 			name, val, _ := strings.Cut(part, "=")
+			name = textproto.TrimString(name)
 			if !isCookieNameValid(name) {
 				continue
 			}
diff --git a/src/net/http/cookie_test.go b/src/net/http/cookie_test.go
index ccc5f98091..3c5c50b632 100644
--- a/src/net/http/cookie_test.go
+++ b/src/net/http/cookie_test.go
@@ -352,6 +352,10 @@ var readSetCookiesTests = []struct {
 		Header{"Set-Cookie": {`special-8=","`}},
 		[]*Cookie{{Name: "special-8", Value: ",", Raw: `special-8=","`}},
 	},
+	{
+		Header{"Set-Cookie": {`special-9 =","`}},
+		[]*Cookie{{Name: "special-9", Value: ",", Raw: `special-9 =","`}},
+	},
 
 	// TODO(bradfitz): users have reported seeing this in the
 	// wild, but do browsers handle it? RFC 6265 just says "don't