Skip to content
This repository was archived by the owner on Nov 15, 2017. It is now read-only.

support for HttpOnly #122

Closed
sdepold opened this issue Oct 25, 2012 · 2 comments
Closed

support for HttpOnly #122

sdepold opened this issue Oct 25, 2012 · 2 comments

Comments

@sdepold
Copy link

sdepold commented Oct 25, 2012

if i get that right, there is currently no way to set HttpOnly. Would be cool to have that. Here is some reading about it: http://www.codinghorror.com/blog/2008/08/protecting-your-cookies-httponly.html
@carhartl
Copy link
Owner

carhartl commented Nov 7, 2012

The idea of HttpOnly is to prevent cookies from being accessible through client-side code (that is document.cookie). AFAIK there is no way to write a cookie client-side that turns into a HttpOnly cookie afterwards.

@carhartl carhartl closed this as completed Nov 7, 2012
@sdepold
Copy link
Author

sdepold commented Nov 7, 2012

ah! ok that makes sense :)

@FagnerMartinsBrack FagnerMartinsBrack mentioned this issue Mar 6, 2013
Closed
@carhartl carhartl mentioned this issue Nov 25, 2013
Closed
@carhartl carhartl mentioned this issue Dec 29, 2013
Closed
@FagnerMartinsBrack FagnerMartinsBrack mentioned this issue Sep 9, 2015
Closed
@FagnerMartinsBrack FagnerMartinsBrack mentioned this issue Aug 3, 2017
Closed
@FagnerMartinsBrack FagnerMartinsBrack mentioned this issue Oct 19, 2017
Closed
@FagnerMartinsBrack FagnerMartinsBrack mentioned this issue Nov 14, 2018
Closed
@jsommr jsommr mentioned this issue Sep 3, 2019
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carhartl @sdepold