Query About Accessing HttpOnly Cookie & Secure Cookie
I am working on a RESTful SPA app using AngularJS. Currently the initial REST call is setting a 'token' cookie on xyz.com (secured response cookie) after successful user login. I am n
Solution 1:
As the author of a website:
- You cannot read a cookie for a different site (ever)
- You cannot read an HTTP Only cookie with JavaScript
- You cannot read a Secure cookie unless it is served over HTTPS
That's three separate conditions, with independent effects, and none, some or all of them can apply to any given cookie.
Therefore if a cookie is secure and for a different site then you can't read it no matter if you use HTTPS or not (since different site blocks you even if secure does not).
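The three conditions in the answer above, modelled as an added example that is not part of the original answer: each check is evaluated independently, so a cookie can be blocked for more than one reason at once. The cookie records, the `app.example` host and the function names are constructed for illustration; the Path attribute is ignored and "different site" is simplified to RFC 6265 domain matching.

```javascript
// Models which cookies page script could read through document.cookie.
// All cookie records and URLs here are constructed sample data.

// RFC 6265 domain matching: a host-only cookie needs an exact host match;
// a cookie set with a Domain attribute also matches subdomains.
function domainMatches(host, cookie) {
  const h = host.toLowerCase();
  const d = cookie.domain.toLowerCase();
  if (cookie.hostOnly) return h === d;
  return h === d || h.endsWith("." + d);
}

// Evaluates every condition independently and reports all that apply.
function scriptCanRead(pageUrl, cookie) {
  const url = new URL(pageUrl);
  const reasons = [];
  if (!domainMatches(url.hostname, cookie)) reasons.push("different-site");
  if (cookie.httpOnly) reasons.push("httponly");
  if (cookie.secure && url.protocol !== "https:") reasons.push("secure-needs-https");
  return { readable: reasons.length === 0, reasons };
}

// What document.cookie would contain for a page at pageUrl (under this model).
function visibleCookieString(pageUrl, jar) {
  return jar
    .filter((c) => scriptCanRead(pageUrl, c).readable)
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}

// Constructed jar: one cookie per combination worth looking at.
const jar = [
  { name: "token", value: "abc", domain: "xyz.com", hostOnly: true, secure: true, httpOnly: false },
  { name: "sid", value: "s1", domain: "app.example", hostOnly: true, secure: true, httpOnly: true },
  { name: "theme", value: "dark", domain: "app.example", hostOnly: false, secure: false, httpOnly: false },
  { name: "pref", value: "p1", domain: "app.example", hostOnly: true, secure: true, httpOnly: false },
];

for (const page of ["https://app.example/", "http://app.example/"]) {
  console.log(page, "->", JSON.stringify(visibleCookieString(page, jar)));
  for (const c of jar) console.log("  ", c.name, scriptCanRead(page, c).reasons);
}
```

The `token` cookie on xyz.com stays unreadable from `app.example` over both HTTP and HTTPS, which is the case the last sentence of the answer describes.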