[英]How to get value from cookie which http mode is true
I want to get cookie value which http mode is true using js. 我想使用js获取HTTP模式为true的cookie值。
var x = document.cookie;
Using that I only that value which http mode is false (example:Nopcommerce.RecentlyViewedProducts). 使用该值,我仅使用http模式为false的值(例如:Nopcommerce.RecentlyViewedProducts)。
In this picture I want get value Nop.customer. 在这张照片中,我想获取价值Nop.customer。 How to get that? 如何获得?
You can't do this. 你做不到 The whole point of the HttpOnly
flag on a cookie is that it cannot be accessed by client-side scripts. Cookie上的HttpOnly
标志的全部要点是客户端脚本无法访问它。 It's just sent by the browser to the server. 它只是由浏览器发送到服务器。 From OWASP : 从OWASP :
If the HttpOnly flag (optional) is included in the HTTP response header, the cookie cannot be accessed through client side script (again if the browser supports this flag). 如果HTTP响应标头中包含HttpOnly标志(可选),则无法通过客户端脚本访问cookie(同样,如果浏览器支持该标志)。 As a result, even if a cross-site scripting (XSS) flaw exists, and a user accidentally accesses a link that exploits this flaw, the browser (primarily Internet Explorer) will not reveal the cookie to a third party. 结果,即使存在跨站点脚本(XSS)漏洞,并且用户意外访问利用此漏洞的链接,浏览器(主要是Internet Explorer)也不会将Cookie透露给第三方。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.