Answer the question
In order to leave comments, you need to log in
D
D
denis_213213212020-10-01 09:41:36
denis_21321321, 2020-10-01 09:41:36
Why doesn't the document.cookie method display all cookies?
When I click on "learn more information about this site" it shows 2 in the cookie files.
But if I type the document.cookie method in the console, it only displays 1.
How does it work? As I understand it, it is possible to hide certain cookies so that they cannot be obtained from the console? And where is it written?
There is no mention of this anywhere on the internet.
1 answer(s)
@Stalker_RED
S
Stalker_RED, 2020-10-01 @Stalker_RED
Secure ("safe") and HttpOnly cookies
"Secure" (secure) cookies are sent to the server only if the request is made over SSL and HTTPS. However, sensitive data should never be transmitted or stored in cookies, since the mechanism itself is very vulnerable to security, and the secure flag does not provide any additional encryption or security features. Starting with Chrome 52 and Firefox 52, insecure sites (http:) cannot set cookies with the secure flag.
HTTPonly cookies are not accessible from JavaScript via the Document.cookie API properties, which helps avoid cross-site scripting ( XSS). Set this flag for cookies that do not need to be accessed via JavaScript. In particular, if cookies are used only to maintain the session, then JavaScript does not need them, so the HttpOnly flag should be set in this case.
Similar questions
B
T
R
F
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question