Skip to content

banner ajax
The Complete Reference: Ajax

Examples: HttpOnly Cookies

Cookie Access via JavaScript





<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Chapter 7 : Security - Standard and HTTP Only Cookies</title>
<link rel="stylesheet" href="http://ajaxref.com/ch7/global.css" type="text/css" media="screen" />
<script src="http://ajaxref.com/ch7/ajaxtcr.js" type="text/javascript">
</script>
<script type="text/javascript">
 
 
function showResponse(response)
{
  var responseOutput = document.getElementById("responseOutput");    
  responseOutput.innerHTML = response.xhr.responseText;
}
    
function sendRequest(payload)
{
  var url = "http://ajaxref.com/ch7/cookie.php";
  var options = { method: "GET",
                    payload : payload,
                  onSuccess : showResponse};
  
  AjaxTCR.comm.sendRequest(url,options);   
}
 
function displayCookies()
{
    var responseOutput = document.getElementById("responseOutput");    
    responseOutput.innerHTML = "<strong>Cookies accessed via Javascript: </strong>" + document.cookie;
}
 
window.onload = function() 
{ 
    document.requestForm.setNormal.onclick=function(){sendRequest("cookie=normal");};
    document.requestForm.setHttp.onclick=function(){sendRequest("cookie=httponly");};
    document.requestForm.checkJs.onclick=function(){displayCookies();};
    document.requestForm.checkServer.onclick=function(){sendRequest("cookie=show");};
    
}
</script>
 
</head>
<body>
<div class="content">
<h1>Cookie Access via JavaScript</h1>
<br /><br />
<form action="#" name="requestForm">
    <input type="button" value="Set Normal Cookie" name="setNormal" />
    <input type="button" value="Set HttpOnly Cookie" name="setHttp"  />
    <input type="button" value="Check Cookies through Javascript" name="checkJs" />
    <input type="button" value="Check Cookies through Server" name="checkServer"  />
</form>
</div>
<br /><br />
 
<div id="responseOutput" class="response"></div>
 
 
</body>
</html>