Reputation: 14544
Can't read cookie when there is cookie in header
Please refer to the following picture.
Front-end code calls back-end api to login a user. Back-end is done using Expressjs 4 and cookie store uses redis.
What confuses me is after login is successful, I can see there is cookie set by expressjs using Chrome Inspector, but
document.cookie
Shows nothing. You can use "document.cookie" to set and read cookie of your own, which works fine. But I can't read the one set by back-end API as shown in the above screen picture.
Question
How to read cookie set by back-end API? or What did I miss here?
Upvotes: 0
Views: 1677
Answers (1)
Reputation: 203359
Refering to this documentation:
cookie.httpOnly
Specifies the boolean value for the
HttpOnly Set-Cookieattribute. When truthy, theHttpOnlyattribute is set, otherwise it is not. By default, theHttpOnlyattribute is set.
And according to this:
HttpOnly cookies aren't accessible via JavaScript through the
Document.cookieproperty.
In the devtools, there's a column HTTP that will contain a checkmark for that particular cookie, to reflect its HttpOnly status.
Upvotes: 1
Related Questions
- Cookie is not included in request header / Server side cannot read req.cookies
- Cannot read cookie from express
- couldn't get the cookie nodejs
- Can't access cookies on client side | NodeJS and JS
- request header can't get cookie when using res.cookie of Express 4.x
- Req.headers.cookie is empty, even with cookies in request headers
- Get specific cookie from request headers (express)
- Set-Cookie header not being sent
- Can't set Cookies in browser even though header is present
- Get express encoded cookie as header value