Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is !document.cookie reliable?

I'm wondering if using the following Javascript code is reliable:

if (!document.cookie) {
    alert('Cookies are disabled.');
}

I've tested this in IE, Firefox and Chrome and it seems that when you disabled cookies, the document.cookie object becomes unavailable. Does anyone have any experience with this method working/not working?

Many Thanks
Stephen

Additional

I'm well aware that this method requires JavaScript to be enabled on the client. I'm also aware of other server-side/JavaScript solutions. Please can the discussion remain on topic.

like image 568
GateKiller Avatar asked Feb 18 '10 11:02

GateKiller


1 Answers

In XHTML documents, there is no document.cookie at all (up to Firefox 2 or forever on if you send the document as application/xml). I had to learn painfully, that it can be set on document, however:

document.cookie = "foo";

This is valid JS, and the browser shrugs its shoulders and sets the property cookie of the variable document. But the special magic to transform this in an HTTP header doesn't get called.

To put it in a nutshell: No, you can't be sure, that the absence of document.cookie is always identical with disabled cookies, and vice versa.

like image 52
Boldewyn Avatar answered Oct 11 '22 14:10

Boldewyn