开发者

Scriptonly cookies?

开发者 https://www.devze.com 2023-02-19 09:27 出处:网络
So, basically what I want is the exact opposite of httponly cookies. I want to set a cookie in the browser via JavaScript and be able to retrieve it via JavaScript only. Meaning, that the cookie is no

So, basically what I want is the exact opposite of httponly cookies. I want to set a cookie in the browser via JavaScript and be able to retrieve it via JavaScript only. Meaning, that the cookie is not sent to the server.

The use case is that the JS application is served from an unencrypted http connectio开发者_开发技巧n. That means that the cookie is sent to the server unencrypted as well and can be sniffed.


What you need is :

  • userData in Internet Explorer 5.5 and above.
  • Local Shared Object in Adobe Flash Player browser plugin.
  • Web Storage in HTML 5 capable browsers
0

精彩评论

暂无评论...
验证码 换一张
取 消