Questions about this topic? Sign up to ask in the talk tab.

Cookies/Accessing A Cookie/Javascript

From NetSec
Revision as of 07:32, 19 July 2012 by Chantal21I (Talk | contribs) (Created page with "Cookies not marked with HttpOnly can be accessed through Javascript. To read them, you have to split the document.cookie string by ';' (alert it just to take a look!) and to spli...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Cookies not marked with HttpOnly can be accessed through Javascript. To read them, you have to split the document.cookie string by ';' (alert it just to take a look!) and to split each resulting key=value pair by '='.

<syntaxhighlight lang="javascript"> var cookies = document.cookie.split(';'); var c = new Array(); for (cookie in cookies) { 

var cs = cookie.split('=');
c[cs[0]] = decodeURIComponent(cs[1]);

} alert(cs['my_lover']);

</syntaxhighlight>

Retrieved from "http://nets.ec/index.php?title=Cookies/Accessing_A_Cookie/Javascript&oldid=8259"