diff --git a/browser/net/brave_network_delegate_base.cc b/browser/net/brave_network_delegate_base.cc
index 6f59fa0f67ff..1c3cedad3618 100644
--- a/browser/net/brave_network_delegate_base.cc
+++ b/browser/net/brave_network_delegate_base.cc
@@ -46,7 +46,7 @@ bool OnAllowAccessCookies(
     GURL url = request.url();
     GURL first_party = request.site_for_cookies();
     GURL tab_origin = GURL(request.network_isolation_key().ToString());
-    if (tab_origin.is_empty())
+    if (tab_origin.is_empty() && request.top_frame_origin().has_value())
       tab_origin = request.top_frame_origin()->GetURL();
     return
         cookie_settings->IsCookieAccessAllowed(url, first_party, tab_origin) &&
diff --git a/components/content_settings/core/browser/brave_cookie_settings.cc b/components/content_settings/core/browser/brave_cookie_settings.cc
index f2c1491193b0..6b6631b172e1 100644
--- a/components/content_settings/core/browser/brave_cookie_settings.cc
+++ b/components/content_settings/core/browser/brave_cookie_settings.cc
@@ -90,6 +90,22 @@ void BraveCookieSettings::GetCookieSetting(
     ContentSetting* cookie_setting) const {
   DCHECK(cookie_setting);
 
+  // copied from CookieSettings::GetCookieSetting
+  if (first_party_url.SchemeIs(kChromeUIScheme) &&
+      url.SchemeIsCryptographic()) {
+    *cookie_setting = CONTENT_SETTING_ALLOW;
+    return;
+  }
+
+#if BUILDFLAG(ENABLE_EXTENSIONS)
+  if (url.SchemeIs(extension_scheme_) &&
+      first_party_url.SchemeIs(extension_scheme_)) {
+    *cookie_setting = CONTENT_SETTING_ALLOW;
+    return;
+  }
+#endif
+
+
   GURL main_frame_url =
       (tab_url == GURL("about:blank") || tab_url.is_empty() ? first_party_url
                                                             : tab_url);