<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Chapter 7 : Security - Standard and HTTP Only Cookies</title>
<link rel="stylesheet" href="http://ajaxref.com/ch7/global.css" type="text/css" media="screen" />
<script src="http://ajaxref.com/ch7/ajaxtcr.js" type="text/javascript">
<script type="text/javascript">
function showResponse(response)
{
var responseOutput = document.getElementById("responseOutput");
responseOutput.innerHTML = response.xhr.responseText;
}
function sendRequest(payload)
{
var url = "http://ajaxref.com/ch7/cookie.php";
var options = { method: "GET",
payload : payload,
onSuccess : showResponse};
AjaxTCR.comm.sendRequest(url,options);
}
function displayCookies()
{
var responseOutput = document.getElementById("responseOutput");
responseOutput.innerHTML = "<strong>Cookies accessed via Javascript: </strong>" + document.cookie;
}
window.onload = function()
{
document.requestForm.setNormal.onclick=function(){sendRequest("cookie=normal");};
document.requestForm.setHttp.onclick=function(){sendRequest("cookie=httponly");};
document.requestForm.checkJs.onclick=function(){displayCookies();};
document.requestForm.checkServer.onclick=function(){sendRequest("cookie=show");};
}
</head>
<body>
<div class="content">
<h1>Cookie Access via JavaScript</h1>
<br /><br />
<form action="#" name="requestForm">
<input type="button" value="Set Normal Cookie" name="setNormal" />
<input type="button" value="Set HttpOnly Cookie" name="setHttp" />
<input type="button" value="Check Cookies through Javascript" name="checkJs" />
<input type="button" value="Check Cookies through Server" name="checkServer" />
</form>
</div>
<br /><br />
<div id="responseOutput" class="response"></div>
</body>
</html>