Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
H
H
hckn2018-09-14 21:02:21
JavaScript
hckn, 2018-09-14 21:02:21

How to logout with httpOnly cookies?

httpOnly cookies cannot be deleted on the client, only by a request to the server.
And how then to do a logout if the user, for example, pressed the logout button while being offline?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ilya Loginov, 2018-09-14
@hckn

You can create regular cookies in which you will store the login=1 field, which you can safely delete offline and give the user an authorization page the next time the server is accessed. Also, in cases of XSS attacks, the maximum that can be done is to log out the user.

Similar questions
S
Sergey Nizhny Novgorod2017-03-24 16:49:17
How to get the last element as fast as possible in Django? 1Reply
S
Sergey2015-03-27 10:22:55
Cookie counter junk in Chrome, how to cure? 2Reply
N
nekiystranger2019-09-05 11:27:01
TurboHD over one cable? 1Reply
A
AlexStartsev2017-04-13 12:46:13
What are the current TODO plugins for Sublime Text 3? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question