SyntaxFix

[javascript] Set a cookie to HttpOnly via Javascript

I have a cookie that is NOT HttpOnly Can I set this cookie to HttpOnly via JavaScript?

This question is related to javascript http cookies

The answer is

An HttpOnly cookie means that it's not available to scripting languages like JavaScript. So in JavaScript, there's absolutely no API available to get/set the HttpOnly attribute of the cookie, as that would otherwise defeat the meaning of HttpOnly.

Just set it as such on the server side using whatever server side language the server side is using. If JavaScript is absolutely necessary for this, you could consider to just let it send some (ajax) request with e.g. some specific request parameter which triggers the server side language to create an HttpOnly cookie. But, that would still make it easy for hackers to change the HttpOnly by just XSS and still have access to the cookie via JS and thus make the HttpOnly on your cookie completely useless.

Source: Stackoverflow.com

Examples related to javascript

need to add a class to an element How to make a variable accessible outside a function? Hide Signs that Meteor.js was Used How to create a showdown.js markdown extension Please help me convert this script to a simple image slider Highlight Anchor Links when user manually scrolls? Summing radio input values How to execute an action before close metro app WinJS javascript, for loop defines a dynamic variable name Getting all files in directory with ajax

Examples related to http

Access blocked by CORS policy: Response to preflight request doesn't pass access control check Axios Delete request with body and headers? Read response headers from API response - Angular 5 + TypeScript Android 8: Cleartext HTTP traffic not permitted Angular 4 HttpClient Query Parameters Load json from local file with http.get() in angular 2 Angular 2: How to access an HTTP response body? What is HTTP "Host" header? Golang read request body Angular 2 - Checking for server errors from subscribe

Examples related to cookies

SameSite warning Chrome 77 How to fix "set SameSite cookie to none" warning? Set cookies for cross origin requests Make Axios send cookies in its requests automatically How can I set a cookie in react? Fetch API with Cookie How to use cookies in Python Requests How to set cookies in laravel 5 independently inside controller Where does Chrome store cookies? Sending cookies with postman

Tags

Multiple-databases Mootools1.2 Membershipuser Couchrest Cnf Codemirror Nodevalue Compiler-optimization Contracts Evc Listboxitem Fixed-width Locallib Curl Server-push Inlineeditbox Ghci Private Web-operating-system Configsource Mod-alias Botnet Universal-binary Functor Redgate Process-substitution System.management Rspec User32 Mocha.js Scale9grid Yui-grids Machg Scoreninja Configparser Mask Seo Qt-creator Jit Error-recovery Geospatial Alphabet Tibco Extras Cache-money Django-errors Uibarbuttonitemstyle Catalyst Hammer Latin9 Listbox-control Using-directives Mappath Datalist Mailboxprocessor Hypercube Onready Multiple-sites Nexusdb Smoothing Apache-fop Project-conversion Pdfview Wcf-hosting Smartcard Haslayout Java-ee-5 Database-migration Wsimport Boost-test Django-profiles Hiawatha Nspathcontrol Focus Anycpu Atomic Loadlibrary Email-threading Supercomputers Page-flow Rollback Try-finally Connection-timeout Number-recognition Cunit Android-preferences Auctex Ireport After-create Grep Oauth-provider Cgal Wildcard-mapping Defaultbutton Xapian Compile-mode Markers Rostering Numerical-computing Requirehttps