You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
browsers have implemented the httpOnly flag for cookies to prevent cookies from beeing accessable via javscript (security feature to prevent cookie stealing)
in .js scripts it might however be desired to have a cookie "stolen"
(eg I am creating a script that collects links from a page and then prints me a curl snipped that I can run in the console, however, on this page, some files require me to be logged in, but curl obviously is not logged in, so I would like to include my session cookie which httpOnly into the curl snippet)
as .js is a browser plugin, is it possible to make httpOnly cookies available?
The text was updated successfully, but these errors were encountered:
browsers have implemented the httpOnly flag for cookies to prevent cookies from beeing accessable via javscript (security feature to prevent cookie stealing)
in .js scripts it might however be desired to have a cookie "stolen"
(eg I am creating a script that collects links from a page and then prints me a curl snipped that I can run in the console, however, on this page, some files require me to be logged in, but curl obviously is not logged in, so I would like to include my session cookie which httpOnly into the curl snippet)
as .js is a browser plugin, is it possible to make httpOnly cookies available?
The text was updated successfully, but these errors were encountered: