More powerful $cookies service #950

Closed
reichart opened this Issue May 11, 2012 · 67 comments
@reichart

I want to set a cookie on the root path / so it's available everywhere on the domain.

But the $cookies service only accepts name and value, and always sets the cookie path to the current page via self.baseHref().

Could the $cookies service be extended to provide access to additional cookie properties like path, expires, domain and secure?

I quite like the API of the jquery.cookie plugin: https://github.com/carhartl/jquery-cookie#usage. It keeps the common name=value use case simple and allows to set additional cookie properties via a third options object parameter.

I'm not very proficient in Javascript but I might try to implement something over the weekend.

@jzacsh
Contributor
jzacsh commented Aug 31, 2012

Working on this (first version, I'm not worried about providing jquery's "raw" option), just updating tests now.

branch is here: jzacsh@master...issue950_cookies

@jzacsh
Contributor
jzacsh commented Mar 9, 2013

Hey, sorry I forgot to update this thread. Switched teams and don't have the time do this. Someone should take this on :-)

@eddiemonge
Contributor

any updates on this?

@solidspark

+1 for updates and a resolution

@wkonkel wkonkel referenced this issue in bountysource/core Sep 24, 2013
Closed

Use secure cookies when storing access_token #229

@wkonkel
wkonkel commented Sep 24, 2013

+1 Not supporting secure cookies is a security issue and should be addressed ASAP.

@eddiemonge
Contributor

you could always use a different library like: https://github.com/grevory/angular-local-storage

@lewisgoddard

Would it not be possible to simply replace the existing code for cookie control with a third-party library like jQuery Cookie https://github.com/carhartl/jquery-cookie

This plugin provides support for custom expiry dates, domain names (set example.com from sub.example.com etc), path values, and secure cookies, thus:

$.cookie('cookiename', 'cookievalue', { expires: 7, path: '/', domain: 'example.com', secure: true });

@wkonkel
wkonkel commented Oct 7, 2013

Although local-storage and jQuery both provide workarounds, this ticket is for fixing the core issue within AngularJS so workarounds aren't necessary.

@eddiemonge
Contributor

angular-cookies is no longer 'core'. its more of a Angular team supported plugin now.

@Narretz
Contributor
Narretz commented Dec 17, 2013

+1

@bwdolphin

+1 - for reference this seems to work pretty well - https://github.com/ivpusic/angular-cookie - but I still think this should be part of the included Angular cookie plugin.

@johannesjo

+1

@jeffbcross jeffbcross was assigned Jan 31, 2014
@jeffbcross jeffbcross removed their assignment Feb 3, 2014
@jeffbcross jeffbcross added this to the Backlog milestone Feb 4, 2014
@jonrimmer

+1
We were just bitten by this, with cookies being shared between different environments running on the same host but different ports.

The current implementation is dangerous IMO, as it makes it impossible to properly secure cookies you create. This is going to lead to Angular apps which are vulnerable to XSS attacks.

@lucianenache

+1
what is the current status?

@kbanman
kbanman commented Feb 19, 2014

+1
I'd like to be able to set path, expiry and domain

@HNygard
Contributor
HNygard commented Mar 18, 2014

👍

@mellodev

+1 any update?

I want to use $cookieStore to store data that can be read by javascript running on any of my products subdomains (lasvegas.x.com, losangeles.x.com)

@tniswong

+1

@joseym
joseym commented Apr 24, 2014

👍 , but a 2 year old outstanding issue with this many bumps? Probably best to find another solution.

@kmlx
kmlx commented Apr 24, 2014

@joseym I can imagine most people found a workaround 'till now.
This issues is in the Backlog milestone, which implies it would get 'fixed' sometime in the future.

** Later edit: **
PR would be helpful, albeit I don't need this now. Been using https://github.com/grevory/angular-local-storage with great success.

@yokomizor

+1

@kevinhikaruevans

+1.

Doesn't make much sense to have cookies, then to skip every single feature of them.

@HouCoder

+1

@akarelas

👍

@jscti
jscti commented May 23, 2014

+1 ... Can't believe this cookie API is this poor
edit: just found https://github.com/ivpusic/angular-cookie

@joseym
joseym commented May 23, 2014

@bixibu I ended up using the same library and it works well.

Some have alluded to the existence of other libraries as the solution, however I believe (as I think most others do as well) that if angular is going to have its own cookie module, it should be complete, or not exist at all.

Most on-boarders would assume that the cookie module that comes from the creators of the framework they're using would be the best option.

Its simply misleading.

@eXon
eXon commented May 26, 2014

👍 No reason to not have the options

@huyinghuan

+1

@Soviut
Soviut commented Jun 4, 2014

+1

@GinoF
GinoF commented Jun 4, 2014

+1

@dhruv
dhruv commented Jun 13, 2014

+1

@elsewares

Also +1. Seriously.

@danielcamargo

+1

@Meligy
Meligy commented Jul 7, 2014

+1 - at least allow for setting path

@michi88
michi88 commented Jul 22, 2014

+1 I actually didn't believe the docs to be accurate on this... but they are

@tthew
tthew commented Jul 23, 2014

one more for the pile: 👍

@madumlao
madumlao commented Aug 2, 2014

I would have started work on this but this seems to be already be addressed by pull requests #6335 submitted in February and a sequel #6507 in March. Which sadly havent been merged...

@adrianstainforth

one more +1

@stevermeister
Contributor

👍

@btford btford removed the gh: issue label Aug 20, 2014
@sricc
sricc commented Aug 27, 2014

👍

@stevermeister
Contributor

I'm tired of waiting when it's merged
created own module to deal with domain, path, etc..
welcome
https://github.com/stevermeister/ng-biscuit

@TobbbeSw

👍

@carueda
carueda commented Sep 12, 2014

om 👍

@nancoder

👍

@bfowle
bfowle commented Sep 17, 2014

+1

@Jazzepi
Jazzepi commented Sep 18, 2014

+9001

@marcmenges

+1

@taly
taly commented Sep 20, 2014

+1

@simpsonjon

+1

@takashi
Contributor
takashi commented Oct 6, 2014

👍

@sjogreen-sp

+1

@JamSquad
JamSquad commented Oct 7, 2014

Plus one

@corkupine

+1

@grantgeorge

👍

@dallasvogels

👍

@gdi2290
Member
gdi2290 commented Dec 11, 2014

👍

@petebacondarwin petebacondarwin modified the milestone: 1.4.x, Backlog Dec 14, 2014
@Ppchiu
Ppchiu commented Dec 16, 2014

Is this one still up for grabs by the community? I would love to take it on.

@martinmcwhorter

I, like @Ppchiu, would be willing to take this on.

@shahata shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324, #3988, #1786, #950
73fccee
@shahata shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324, #3988, #1786, #950
99beb32
@shahata shahata added a commit to shahata/angular.js that referenced this issue Dec 19, 2014
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324, #3988, #1786, #950
1a8e225
@voronianski

Limitations of $cookieStore forced me to port common and well-known jquery-cookie plugin as separate Angular cookie provider, check it here - https://github.com/voronianski/ngKookies

@caitp
Contributor
caitp commented Dec 28, 2014

we should look into that and see if it looks suitable for inclusion as a core module (if that sounds alright with you @voronianski)

@voronianski

@caitp this sounds great!

@shahata shahata added a commit to shahata/angular.js that referenced this issue Jan 5, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
d456789
@gelus
gelus commented Jan 27, 2015

I'd love to take this one if it is available. however it looks like it has already been taken care of by this commit: d456789

Can any one verify this?
@zoltantarcsay, since you've most recently +1ed it, is it still an issue?

@catindev
catindev commented Feb 3, 2015

+1

@stevermeister
Contributor

I've updated my module fix - ng-biscuit, but of course ngKookies looks more mature

@FagnerMartinsBrack FagnerMartinsBrack referenced this issue in carhartl/jquery-cookie Feb 10, 2015
Closed

Remove jQuery dependency requirement? #349

@shahata shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
4c27f2f
@shahata shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
86ebe06
@shahata shahata added a commit to shahata/angular.js that referenced this issue Feb 28, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
2225f46
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 1, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
fa39098
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 1, 2015
@shahata shahata feat($cookieStore): add options support for put method
Closes #8324
Closes #3988
Closes #1786
Closes #950
b5894ab
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
56c6352
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
553f883
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
7eb087c
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
0d734da
@shahata shahata added a commit to shahata/angular.js that referenced this issue Mar 2, 2015
@shahata shahata feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
7ba78ce
@shahata shahata added a commit that closed this issue Mar 2, 2015
@shahata @petebacondarwin shahata + petebacondarwin feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
92c366d
@shahata shahata closed this in 92c366d Mar 2, 2015
@hansmaad hansmaad pushed a commit to hansmaad/angular.js that referenced this issue Mar 10, 2015
@shahata shahata + hansmaad feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
7f06ca9
@netman92 netman92 added a commit to netman92/angular.js that referenced this issue Aug 8, 2015
@shahata @netman92 shahata + netman92 feat($cookies): allow passing cookie options
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes #8324
Closes #3988
Closes #1786
Closes #950
a10e240
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment