Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

getCookieString should be exposed #44

Closed
cnotoham opened this issue Nov 10, 2017 · 9 comments
Closed

getCookieString should be exposed #44

cnotoham opened this issue Nov 10, 2017 · 9 comments
Labels
feature

Comments

@cnotoham
Copy link

Hi,

Is there any reason why getCookies in https://github.com/silkimen/cordova-plugin-advanced-http/blob/master/www/cookie-handler.js#L48 is not exposed in ionic?

According to the ionic documentation at https://ionicframework.com/docs/native/http/, the only methods exposed are ClearCookies and RemoveCookies

Thanks,
Cornelius
@silkimen
Copy link
Owner

Hi Cornelius,

it's not exposed in ionic because it's not even exposed in this plugin. What do you need that function for? It's meant to be used internally to create the cookie header. Can you explain your use-case?

@cnotoham
Copy link
Author

Hi Sefa,

I have a requirement whereby I need to set Cookies into an iframe in an ionic application.

@silkimen
Copy link
Owner

Hmm ok, I still don't understand your use-case. This function is meant to create the cookie header string which is sent to the server. So if I'd expose this function you'd be able to get the stored cookies for a specific server. I'm still not sure if this is a good idea (security concerns). But how do you want to use this in an iframe?

e.g. running a GET request to http://www.google.de/

// first time internally call (no cookies are set, yet)
getCookieString('http://www.google.de/') --> '' (returns empty string)

// second time internally call (got a set-cookie answer from google on first request)
getCookieString('http://www.google.de/') --> '1P_JAR=2017-11-14-14; NID=117=eNWNV8UDsZIqxAvqTIZm290wdHWmeJyKwvYzEHsIUFu2CYu10ghFTSvPvS-Q2FSLu3QQw' (returns cookie string)

Is this you want to have?

@cnotoham
Copy link
Author

Sorry, I should have explained it to you much better. This is my project requirements ...
I have to develop a single sign on (SSO) app. Authentication is achieved by using this advanced-http plugin and got the Cookies from the server. I then need to load an app within an iframe. This app is loaded via the same authenticator and this authenticator needs the cookies otherwise it will redirect to the authenticator login page.

So for example, authenticated via https://www.xxx.org by using this plugin and then for the iframe, the src url would be:
https://www.xxx.org/someapp

I have written this app in ionic.

I hope this is a bit clearer.

Thanks so much

@silkimen silkimen changed the title getCookies is not exposed in ionic getCookieString should be exposed Nov 16, 2017
silkimen pushed a commit that referenced this issue Nov 16, 2017
- feature #44: expose "getCookieString" method
9d64062 
- update version number
@silkimen
Copy link
Owner

Ok, thank you for your detailed description. The function "getCookieString" will be exposed in v1.9.0.

@cnotoham
Copy link
Author

Thank you

@Bessonov
Copy link

Bessonov commented Jan 5, 2018

Hello @silkimen,

I don't use this plugin yet, but is there any way to access HttpOnly cookie?

@silkimen
Copy link
Owner

Hi @Bessonov,
yes, you can access HttpOnly cookies just like the other cookies by calling getCookieString(url).

@Bessonov
Copy link

Thank you for your response, @silkimen! But I don't think this is a good idea, because this isn't intended behavior of HttpOnly and leads to XSS. Therefore I can't use this plug in :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Bessonov @silkimen @cnotoham