stackoom
  简体   繁体   中英

how do i/can i access a sessionid cookie through javascript?

 原文  2013-10-01 19:53:10       javascript/ jquery/ session/ cookies

Question

I've installed the cookie extension for jquery, and am attempting to access the session id cookie.

I currently have two cookies for my session - see screenshot below:

Cookie屏幕快照

however, $.cookie() only lists one: 

> $.cookie()
Object {csrftoken: "fFrlipYaeUmWkkzLrQLwepyACzTfDXHE"}
> $.cookie('sessionid')
undefined

can i/how do i access the sessionid cookie from javascript?

1 answers

solution1
 9 ACCPTED  2013-10-01 20:45:58

The session id cookie should be marked as HTTP Only, preventing access from javascript. This is a security issue, preventing session hijacking via an xss vulnerability.

You can see in your screenshot that the cookie is indeed marked as HTTP.

If you want to learn more about the flag see here . Originally implemented by IE, most browsers support the flag nowadays, and session cookies not marked http-only are considered a security flaw. Also see here .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can i get Client Webpage cookie information through javascript How do i set my sessionid in my cookie to expire at the end of session? Django: Cannot access sessionid cookie using Javascript How can I access CodeIgniter session cookie using Javascript? How do I clear this JavaScript cookie? How do i create a cookie in JavaScript? How do I access printer SNMP data through JavaScript How do I access JSON elements through javascript? How can I create a cookie for SurveyMonkney Javascript? JavaScript how can i make a cookie/+1 animation
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM