Is there any way of reading cookies marked with HTTPONLY checked, with jQuery? I have a cookie named wishlist_cookie
.
When I try
$.cookie('wishlist_cookie');
It returns NULL
even if it has a value.
Different Browsers enable different security measures when the HTTPOnly flag is set. For instance Opera and Safari do not prevent javascript from writing to the cookie. However, reading is always forbidden on the latest version of all major browsers. But more importantly why do you want to read an HTTPOnly cookie?
Reading a cookie: We can use the cookie () method to read a cookie by passing the name of the cookie and it will return the value of the cookie. Parameters: It has a single parameter, which is the name of the cookie to be read. Return Value: It returns the value of the cookie. 3.
HttpOnly is a flag the website can specify about a cookie. In other words, the webserver tells your browser “Hey, here is a cookie, and you should treat is as HttpOnly”.
It is a recognized best practice to share any authentication data only with HttpOnly cookies. Using a standard cookie for authentication is a known vulnerability we should avoid in any case. In the end, cookies are a property of HTTP. HTTP is a standard protocol that defines how to send and receive cookies.
HttpOnly cookie is not available to client-side scripting languages, there is no way to get and set it. Here is the link Set a cookie to HttpOnly via Javascript for details.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With