When creating a cookie using javascript using document.cookie
document.cookie = name + "=" + value + "; " + expires + ";path=/";
will the domain be populated or do I need to specify it?
You can only create cookies for the domain that your script is running under. So yes, the browser will set the cookie for the proper domain.
It will be populated.
You can run this in the console and then look at the cookies and Domain will be populated.
document.cookie = "val=val;Session;path=/";
Related
I am storing token in cookie and want to secure by secure flag but when I console then secure flag is not showing.
function setCookie(cname, cvalue) {
document.cookie = cname + "=" + cvalue + ";" + "secure";
}
document.cookie>
"token1=xxxxxxxxxxxxx ; token2=yyyyyyyyy; "
It'll not print Secure when you do document.cookie but this can be verified by navigating to Application tab under developer console and Cookies under Storage
Application -> Storage -> Cookies -> (Your site)
In the right side you can see all the cookies set for the site, there you can check Secure flag whether it's set or not.
Below I'm attaching the screenshots for the same
Hope this helps.
The following code works fine in FF:
var date = new Date();
date.setTime(date.getTime() + (1 * 24 * 60 * 60 * 1000));
expires = "; expires=" + date.toGMTString();
document.cookie = "c_odi" + "=" + $('#orderdetailid').val() + expires + "; path=/";
But not in Chrome. When I'm using Chrome and I do document.cookie in the console to view cookies, the c_odi cookie isn't there. But when I do the same in FF, it is. How can we make cookies work in Chrome? The cookies that were added by PHP are fine, but not this one in JavaScript, and I do need to add this cookie via JavaScript at this point.
This problem can occur if You open Your code as file:///C:/.../xxx.html instead of http:// localhost/xxx.html. Chrome doesn't save cookies (because there is no domain and no http communication) in file:// case.
Few links of interest:
https://gist.github.com/shellscape/02d3a97031e7afdf99d2642f93d59486
Setting Cookies using JavaScript in a local html file
https://bugzilla.mozilla.org/show_bug.cgi?id=536650
https://datatables.net/forums/discussion/46255/save-state-to-cookie-in-file-protocol
Chrome doesn’t store cookies from the pages which are loaded from local file system. For example if you are accessing a HTML file in chrome browser from local file system(ex: file:///C:/Users/deepak.r/Desktop/test.html), cookies are not supported.
Try to replace this line:
document.cookie = "c_odi" + "=" + $('#orderdetailid').val() + expires + "; path=/";
with this one:
document.cookie = "c_odi" + "=" + escape($('#orderdetailid').val()) + expires + "; path=/";
You would have to use unescape when you try to read value, but you'll menage when time comes :)
Seems like it's working for me:
http://jsfiddle.net/rQEnF/3/
At least the cookie shows up in dev tools, as you can see. However, I replaced the jQuery selector $('#orderdetailid').val() with a constant value, as you can see. Is there something wrong with that value or the element containing the value maybe?
Make sure your address bar url matches the domain. In Chrome if you set domain=www.site.com and then test your page in the browser missing out the www. it won't work.
I've created a cookie like below and can retrieve all font_size, back_color and font_name. But once I close the browser the cookie is lost. From what I know is if we get expiry date wrong cookie can be lost but I've tested the date, expireGMT and is fine. Have I done anything wrong in the code below? Do I need to include path as well?
document.cookie = "font_size=14";
document.cookie = "back_color=Gray";
document.cookie = "font_name=Georgia";
document.cookie = "expires=" + expireGMT;
Each individual write to document.cookie is the setting of a cookie, and any options (including that cookie's expiration date) must be set on that write. You need to include the expiring time on every cookie assignment:
document.cookie = "font_size=14; expires=" + expireGMT;
document.cookie = "back_color=Gray; expires=" + expireGMT;
document.cookie = "font_name=Georgia; expires=" + expireGMT;
without that, each cookie will be created as session cookies and expire when the browser's closed.
Say I have two apps, www.test.com and sub.test.com, now in sub.test.com, I create a window to load www.test.com with codes like :
window.open('www.test.com');
So the window just popup and load www.test.com successfully.
Then I set a cookie in sub.test.com, say "uname=wong2;domain=.test.com", I've learned that with set to domain=.test.com, all sites with domain test.com(such as www.test.com, aaa.test.com, test.com) can read the cookie.
But when I try to load the cookie from the window that just popup with www.test.com, it can't get it.
Then I found that if I don't use window.open but directly open www.test.com in browser, it works.
So is there some restrictions on window.open and cookie?
just check how you set the cookie:
var domain = 'test.com';
var expires = (function(days){
date = new Date();
date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000));
return date.toUTCString();
})(5);
var name = 'myCookie';
var path = '/';
var value = 'foo';
document.cookie = name + "=" + encodeURIComponent(value) + "; expires=" + expires + "; path='" + path + "'; domain=" + domain + ";";
That is called cross domain and you cant set cookie in one domain and try to access that in different domain. Browsers wont allow doing this.I think you can accomplish this using iframe or same origin policy or try using document.domain I am not sure what you want to do exactly.
I have an app that is run from a compiled DLL on a web server. I need to do some Single Sign On (SSO) integration with the app, and the only way I can "inject" functionality, is to modify an external JavaScript file that gets referenced.
In the JavaScript file are some code blocks to set cookies with the session ID of that App. I tried adding more code to add more cookies so I could read the cookies from another sub domain, but the cookies don't get set!
I call the exact same cookie set function with a different name and it doesn't work. I debugged with FireFox and watched the JavaScript code get called for my new cookies, but still, no new cookies!!! I even see the existing cookies being updated!!! What gives!
Can anyone save my sanity!?!?!?
Here is the cookie setting function:
function setCookie (name,value,expires,path,domain,secure)
{
document.cookie = name + "=" + escape (value) +
((expires) ? "; expires=" + expires.toGMTString() : "") +
((path) ? "; path=" + path : "") +
((domain) ? "; domain=" + domain : "") +
((secure) ? "; secure" : "");
}
And here is the code that calls it:
var twoHours = 1800*1000;
var expDate = new Date();
var secondExpire = expDate.getTime();
expDate.setTime(expDate.getTime() + twoHours);
setCookie("mysession",123456789,expDate,"/",null,false);
setCookie("mylastConnect",secondExpire,expDate,"/",null,false);
Try setting the domain to ".exemple.com". This should make the cookie accessible for all subdomains of exemple.com (but not to http://exemple.com, you'd have to put a second cookie).
Also check your browser's cookie settings, but I assume you've done that.