stackoom
  简体   繁体   中英

how to read HttpOnly cookies using JavaScript?

 原文  2020-11-12 17:20:38       javascript/ google-chrome

Question

I already tried document.cookie and it didn't work. I tried researching but I couldn't find a solution.

1 answers

solution1
 2 ACCPTED  2020-11-12 17:21:58

You can't - thats the whole point of HttpOnly

A cookie with the HttpOnly attribute is inaccessible to the JavaScript Document.cookie API; it is sent only to the server. For example, cookies that persist server-side sessions don't need to be available to JavaScript, and should have the HttpOnly attribute. This precaution helps mitigate cross-site scripting (XSS) attacks

Info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies

If your cookie does not contain sensitive info (such as a server-side session) then it should not be marked HttpOnly !

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can I read httponly and secure cookies in the browser with Javascript? How to read a HttpOnly cookie using JavaScript javascript Chrome Extension Not able to read httponly cookies Get HttpOnly cookies with javascript How Can I Force HttpOnly FALSE On Cookies So JavaScript Can Read Them With PHP Cross-Domain? Problems using ajax to access secure and httponly cookies from javascript How do HttpOnly cookies work with Javascript and authentication proxies? Read Cookies using Javascript Using httpOnly cookies for device registration How to set and read cookies JavaScript
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM