Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Cookies/Accessing A Cookie/Javascript"

From NetSec
Jump to: navigation, search
(Created page with "Cookies not marked with HttpOnly can be accessed through Javascript. To read them, you have to split the document.cookie string by ';' (alert it just to take a look!) and to spli...")
 
(No difference)

Latest revision as of 06:32, 19 July 2012

Cookies not marked with HttpOnly can be accessed through Javascript. To read them, you have to split the document.cookie string by ';' (alert it just to take a look!) and to split each resulting key=value pair by '='.

<syntaxhighlight lang="javascript"> var cookies = document.cookie.split(';'); var c = new Array(); for (cookie in cookies) {

var cs = cookie.split('=');
c[cs[0]] = decodeURIComponent(cs[1]);

} alert(cs['my_lover']);

</syntaxhighlight>