Questions about this topic? Sign up to ask in the talk tab.

Cookies/Accessing A Cookie/Javascript

From NetSec
Jump to: navigation, search

Cookies not marked with HttpOnly can be accessed through Javascript. To read them, you have to split the document.cookie string by ';' (alert it just to take a look!) and to split each resulting key=value pair by '='.

<syntaxhighlight lang="javascript"> var cookies = document.cookie.split(';'); var c = new Array(); for (cookie in cookies) {

var cs = cookie.split('=');
c[cs[0]] = decodeURIComponent(cs[1]);

} alert(cs['my_lover']);

</syntaxhighlight>