MySQL_Narb Posted July 7, 2012 Share Posted July 7, 2012 For FireFox I've been learning more about AJAX, and one of my applications need to read a httpOnly cookie (not my choice) in order to work properly. How can I go about this? I tried: var req = null; try { req = new XMLHttpRequest(); } catch(e) {} if (!req) try { req = new ActiveXObject("Msxml2.XMLHTTP"); } catch(e) {} if (!req) try { req = new ActiveXObject("Microsoft.XMLHTTP"); } catch(e) {} req.open('GET', 'http://www.removed.com/', false); req.send(null); alert(req.getResponseHeader("bb_sessionhash")); Yet his only outputs null? Link to comment https://forums.phpfreaks.com/topic/265367-httponly-cookie-retrieval/ Share on other sites More sharing options...
Adam Posted July 8, 2012 Share Posted July 8, 2012 Any custom HTTP response/request headers should start with "X-". Are you sure you don't mean to parse the "bb_sessionhash" cookie from the "Set-Cookie" response header? Bare in mind you will only be able to do that whenever the cookie is actually sent back. Why are you being forced to use a httpOnly cookie may I ask? Link to comment https://forums.phpfreaks.com/topic/265367-httponly-cookie-retrieval/#findComment-1359970 Share on other sites More sharing options...
.josh Posted July 8, 2012 Share Posted July 8, 2012 also, you can only make ajax requests to the same domain the script is calling from. You didn't give that level of detail, but just thought I'd throw that out there... Link to comment https://forums.phpfreaks.com/topic/265367-httponly-cookie-retrieval/#findComment-1359988 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.