MySQL_Narb Posted July 7, 2012 Share Posted July 7, 2012 For FireFox I've been learning more about AJAX, and one of my applications need to read a httpOnly cookie (not my choice) in order to work properly. How can I go about this? I tried: var req = null; try { req = new XMLHttpRequest(); } catch(e) {} if (!req) try { req = new ActiveXObject("Msxml2.XMLHTTP"); } catch(e) {} if (!req) try { req = new ActiveXObject("Microsoft.XMLHTTP"); } catch(e) {} req.open('GET', 'http://www.removed.com/', false); req.send(null); alert(req.getResponseHeader("bb_sessionhash")); Yet his only outputs null? Quote Link to comment Share on other sites More sharing options...
Adam Posted July 8, 2012 Share Posted July 8, 2012 Any custom HTTP response/request headers should start with "X-". Are you sure you don't mean to parse the "bb_sessionhash" cookie from the "Set-Cookie" response header? Bare in mind you will only be able to do that whenever the cookie is actually sent back. Why are you being forced to use a httpOnly cookie may I ask? Quote Link to comment Share on other sites More sharing options...
.josh Posted July 8, 2012 Share Posted July 8, 2012 also, you can only make ajax requests to the same domain the script is calling from. You didn't give that level of detail, but just thought I'd throw that out there... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.