Menu
I've installed the cookie extension for jquery, and am attempting to access the session id cookie.
I currently have two cookies for my session - see screenshot below:
however, $.cookie() only lists one:
> $.cookie()
Object {csrftoken: "fFrlipYaeUmWkkzLrQLwepyACzTfDXHE"}
> $.cookie('sessionid')
undefined
can i/how do i access the sessionid cookie from javascript?
990
The session id cookie should be marked as HTTP Only, preventing access from javascript. This is a security issue, preventing session hijacking via an xss vulnerability.
You can see in your screenshot that the cookie is indeed marked as HTTP.
If you want to learn more about the flag see here. Originally implemented by IE, most browsers support the flag nowadays, and session cookies not marked http-only are considered a security flaw. Also see here.
165
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
