New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

More powerful $cookies service #950

Closed
reichart opened this Issue May 11, 2012 · 67 comments

Comments

@reichart

I want to set a cookie on the root path / so it's available everywhere on the domain.

But the $cookies service only accepts name and value, and always sets the cookie path to the current page via self.baseHref().

Could the $cookies service be extended to provide access to additional cookie properties like path, expires, domain and secure?

I quite like the API of the jquery.cookie plugin: https://github.com/carhartl/jquery-cookie#usage. It keeps the common name=value use case simple and allows to set additional cookie properties via a third options object parameter.

I'm not very proficient in Javascript but I might try to implement something over the weekend.

@jzacsh

This comment has been minimized.

Show comment
Hide comment
@jzacsh

jzacsh Aug 31, 2012

Contributor

Working on this (first version, I'm not worried about providing jquery's "raw" option), just updating tests now.

branch is here: jzacsh/angular.js@master...issue950_cookies

Contributor

jzacsh commented Aug 31, 2012

Working on this (first version, I'm not worried about providing jquery's "raw" option), just updating tests now.

branch is here: jzacsh/angular.js@master...issue950_cookies

@jzacsh

This comment has been minimized.

Show comment
Hide comment
@jzacsh

jzacsh Mar 9, 2013

Contributor

Hey, sorry I forgot to update this thread. Switched teams and don't have the time do this. Someone should take this on :-)

Contributor

jzacsh commented Mar 9, 2013

Hey, sorry I forgot to update this thread. Switched teams and don't have the time do this. Someone should take this on :-)

@eddiemonge

This comment has been minimized.

Show comment
Hide comment
@eddiemonge

eddiemonge Jul 31, 2013

Contributor

any updates on this?

Contributor

eddiemonge commented Jul 31, 2013

any updates on this?

@solidspark

This comment has been minimized.

Show comment
Hide comment
@solidspark

solidspark Sep 11, 2013

+1 for updates and a resolution

+1 for updates and a resolution

@wkonkel

This comment has been minimized.

Show comment
Hide comment
@wkonkel

wkonkel Sep 24, 2013

+1 Not supporting secure cookies is a security issue and should be addressed ASAP.

wkonkel commented Sep 24, 2013

+1 Not supporting secure cookies is a security issue and should be addressed ASAP.

@rappo

This comment has been minimized.

Show comment
Hide comment
@eddiemonge

This comment has been minimized.

Show comment
Hide comment
@eddiemonge

eddiemonge Sep 25, 2013

Contributor

you could always use a different library like: https://github.com/grevory/angular-local-storage

Contributor

eddiemonge commented Sep 25, 2013

you could always use a different library like: https://github.com/grevory/angular-local-storage

@lewisgoddard

This comment has been minimized.

Show comment
Hide comment
@lewisgoddard

lewisgoddard Oct 6, 2013

Would it not be possible to simply replace the existing code for cookie control with a third-party library like jQuery Cookie https://github.com/carhartl/jquery-cookie

This plugin provides support for custom expiry dates, domain names (set example.com from sub.example.com etc), path values, and secure cookies, thus:

$.cookie('cookiename', 'cookievalue', { expires: 7, path: '/', domain: 'example.com', secure: true });

Would it not be possible to simply replace the existing code for cookie control with a third-party library like jQuery Cookie https://github.com/carhartl/jquery-cookie

This plugin provides support for custom expiry dates, domain names (set example.com from sub.example.com etc), path values, and secure cookies, thus:

$.cookie('cookiename', 'cookievalue', { expires: 7, path: '/', domain: 'example.com', secure: true });

@wkonkel

This comment has been minimized.

Show comment
Hide comment
@wkonkel

wkonkel Oct 7, 2013

Although local-storage and jQuery both provide workarounds, this ticket is for fixing the core issue within AngularJS so workarounds aren't necessary.

wkonkel commented Oct 7, 2013

Although local-storage and jQuery both provide workarounds, this ticket is for fixing the core issue within AngularJS so workarounds aren't necessary.

@eddiemonge

This comment has been minimized.

Show comment
Hide comment
@eddiemonge

eddiemonge Oct 7, 2013

Contributor

angular-cookies is no longer 'core'. its more of a Angular team supported plugin now.

Contributor

eddiemonge commented Oct 7, 2013

angular-cookies is no longer 'core'. its more of a Angular team supported plugin now.

@Narretz

This comment has been minimized.

Show comment
Hide comment
@Narretz

Narretz Dec 17, 2013

Contributor

+1

Contributor

Narretz commented Dec 17, 2013

+1

@bwdolphin

This comment has been minimized.

Show comment
Hide comment
@bwdolphin

bwdolphin Dec 17, 2013

+1 - for reference this seems to work pretty well - https://github.com/ivpusic/angular-cookie - but I still think this should be part of the included Angular cookie plugin.

+1 - for reference this seems to work pretty well - https://github.com/ivpusic/angular-cookie - but I still think this should be part of the included Angular cookie plugin.

@johannesjo

This comment has been minimized.

Show comment
Hide comment

+1

@ghost ghost assigned jeffbcross Jan 31, 2014

@jeffbcross jeffbcross removed their assignment Feb 3, 2014

@jeffbcross jeffbcross added this to the Backlog milestone Feb 4, 2014

@jonrimmer

This comment has been minimized.

Show comment
Hide comment
@jonrimmer

jonrimmer Feb 12, 2014

+1
We were just bitten by this, with cookies being shared between different environments running on the same host but different ports.

The current implementation is dangerous IMO, as it makes it impossible to properly secure cookies you create. This is going to lead to Angular apps which are vulnerable to XSS attacks.

+1
We were just bitten by this, with cookies being shared between different environments running on the same host but different ports.

The current implementation is dangerous IMO, as it makes it impossible to properly secure cookies you create. This is going to lead to Angular apps which are vulnerable to XSS attacks.

@lucianenache

This comment has been minimized.

Show comment
Hide comment
@lucianenache

lucianenache Feb 12, 2014

+1
what is the current status?

+1
what is the current status?

@kbanman

This comment has been minimized.

Show comment
Hide comment
@kbanman

kbanman Feb 19, 2014

+1
I'd like to be able to set path, expiry and domain

kbanman commented Feb 19, 2014

+1
I'd like to be able to set path, expiry and domain

@HNygard

This comment has been minimized.

Show comment
Hide comment
@HNygard

HNygard Mar 18, 2014

Contributor

👍

Contributor

HNygard commented Mar 18, 2014

👍

@jamiemccrindle

This comment has been minimized.

Show comment
Hide comment
@mellodev

This comment has been minimized.

Show comment
Hide comment
@mellodev

mellodev Apr 16, 2014

+1 any update?

I want to use $cookieStore to store data that can be read by javascript running on any of my products subdomains (lasvegas.x.com, losangeles.x.com)

+1 any update?

I want to use $cookieStore to store data that can be read by javascript running on any of my products subdomains (lasvegas.x.com, losangeles.x.com)

@tniswong

This comment has been minimized.

Show comment
Hide comment

+1

@joseym

This comment has been minimized.

Show comment
Hide comment
@joseym

joseym Apr 24, 2014

👍 , but a 2 year old outstanding issue with this many bumps? Probably best to find another solution.

joseym commented Apr 24, 2014

👍 , but a 2 year old outstanding issue with this many bumps? Probably best to find another solution.

@kmlx

This comment has been minimized.

Show comment
Hide comment
@kmlx

kmlx Apr 24, 2014

@joseym I can imagine most people found a workaround 'till now.
This issues is in the Backlog milestone, which implies it would get 'fixed' sometime in the future.

** Later edit: **
PR would be helpful, albeit I don't need this now. Been using https://github.com/grevory/angular-local-storage with great success.

kmlx commented Apr 24, 2014

@joseym I can imagine most people found a workaround 'till now.
This issues is in the Backlog milestone, which implies it would get 'fixed' sometime in the future.

** Later edit: **
PR would be helpful, albeit I don't need this now. Been using https://github.com/grevory/angular-local-storage with great success.

@yokomizor

This comment has been minimized.

Show comment
Hide comment

+1

@kevinhikaruevans

This comment has been minimized.

Show comment
Hide comment
@kevinhikaruevans

kevinhikaruevans May 14, 2014

+1.

Doesn't make much sense to have cookies, then to skip every single feature of them.

+1.

Doesn't make much sense to have cookies, then to skip every single feature of them.

@HouCoder

This comment has been minimized.

Show comment
Hide comment

+1

@akarelas

This comment has been minimized.

Show comment
Hide comment

👍

@jscti

This comment has been minimized.

Show comment
Hide comment
@jscti

jscti May 23, 2014

+1 ... Can't believe this cookie API is this poor
edit: just found https://github.com/ivpusic/angular-cookie

jscti commented May 23, 2014

+1 ... Can't believe this cookie API is this poor
edit: just found https://github.com/ivpusic/angular-cookie

@simpsonjon

This comment has been minimized.

Show comment
Hide comment

+1

@takashi

This comment has been minimized.

Show comment
Hide comment
@takashi

takashi Oct 6, 2014

Contributor

👍

Contributor

takashi commented Oct 6, 2014

👍

@sjogreen-sp

This comment has been minimized.

Show comment
Hide comment

+1

@JamSquad

This comment has been minimized.

Show comment
Hide comment

JamSquad commented Oct 7, 2014

Plus one

@corkupine

This comment has been minimized.

Show comment
Hide comment

+1

@grantgeorge

This comment has been minimized.

Show comment
Hide comment

👍

@dallasvogels

This comment has been minimized.

Show comment
Hide comment

👍

@gdi2290

This comment has been minimized.

Show comment
Hide comment
@gdi2290

gdi2290 Dec 11, 2014

Member

👍

Tipe CMS

Member

gdi2290 commented Dec 11, 2014

👍

Tipe CMS

@Ppchiu

This comment has been minimized.

Show comment
Hide comment
@Ppchiu

Ppchiu Dec 16, 2014

Is this one still up for grabs by the community? I would love to take it on.

Ppchiu commented Dec 16, 2014

Is this one still up for grabs by the community? I would love to take it on.

@martinmcwhorter

This comment has been minimized.

Show comment
Hide comment
@martinmcwhorter

martinmcwhorter Dec 16, 2014

I, like @Ppchiu, would be willing to take this on.

I, like @Ppchiu, would be willing to take this on.

shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014

shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014

shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014

@voronianski

This comment has been minimized.

Show comment
Hide comment
@voronianski

voronianski Dec 28, 2014

Limitations of $cookieStore forced me to port common and well-known jquery-cookie plugin as separate Angular cookie provider, check it here - https://github.com/voronianski/ngKookies

Limitations of $cookieStore forced me to port common and well-known jquery-cookie plugin as separate Angular cookie provider, check it here - https://github.com/voronianski/ngKookies

@caitp

This comment has been minimized.

Show comment
Hide comment
@caitp

caitp Dec 28, 2014

Contributor

we should look into that and see if it looks suitable for inclusion as a core module (if that sounds alright with you @voronianski)

Contributor

caitp commented Dec 28, 2014

we should look into that and see if it looks suitable for inclusion as a core module (if that sounds alright with you @voronianski)

@voronianski

This comment has been minimized.

Show comment
Hide comment
@voronianski

voronianski Dec 28, 2014

@caitp this sounds great!

@caitp this sounds great!

shahata added a commit to shahata/angular.js that referenced this issue Jan 5, 2015

@zoltantarcsay

This comment has been minimized.

Show comment
Hide comment
@gelus

This comment has been minimized.

Show comment
Hide comment
@gelus

gelus Jan 27, 2015

I'd love to take this one if it is available. however it looks like it has already been taken care of by this commit: d456789

Can any one verify this?
@zoltantarcsay, since you've most recently +1ed it, is it still an issue?

gelus commented Jan 27, 2015

I'd love to take this one if it is available. however it looks like it has already been taken care of by this commit: d456789

Can any one verify this?
@zoltantarcsay, since you've most recently +1ed it, is it still an issue?

@catindev

This comment has been minimized.

Show comment
Hide comment

catindev commented Feb 3, 2015

+1

@stevermeister

This comment has been minimized.

Show comment
Hide comment
@stevermeister

stevermeister Feb 3, 2015

Contributor

I've updated my module fix - ng-biscuit, but of course ngKookies looks more mature

Contributor

stevermeister commented Feb 3, 2015

I've updated my module fix - ng-biscuit, but of course ngKookies looks more mature

shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015

shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015

shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015

shahata added a commit to shahata/angular.js that referenced this issue Mar 1, 2015

shahata added a commit to shahata/angular.js that referenced this issue Mar 1, 2015

shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950

shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950

shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950

shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950

shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950

@shahata shahata closed this in 92c366d Mar 2, 2015

hansmaad pushed a commit to hansmaad/angular.js that referenced this issue Mar 10, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950

netman92 added a commit to netman92/angular.js that referenced this issue Aug 8, 2015

feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment