randy
Reputation: 1877
Can't access cookie with HttpOnly flag from my React app using universal-cookie
I'm setting up CSRF in my React application and I'm trying to access a cookie that has been set by my Node server.
I'm using universal-cookie to try to read the cookies. I can access some of the cookies, just not the one I need.
The cookies look like:
csrf_token_secret=s%3AXfLOSTp6QNLTeRk;
Path=/; Expires=Tue, 20 Mar 2018 12:34:34 GMT; HttpOnly
_csrf=PqswrVPP4GUePCh-0fFewrHh; Path=/
Using universal-cookie I tried:
const cookies = new Cookies();
console.log(cookies.get('csrf_token_secret'));
console.log(cookies.get('_csrf'));
I can access _csrf just fine but I can't get the value of csrf_token_secret.
What do I need to do differently to get the value of this cookie? I assume it has something to do with the HttpOnly flag?
Upvotes: 3
Views: 8759
Answers (1)
Kelakuta
Reputation: 86
The HttpOnly tag means it can't be accessed by JS, only by your server.
this explains things in more detail... Set a cookie to HttpOnly via Javascript
Upvotes: 7
Related Questions
- Cookies.get() is undefined
- How to access a browser cookie in a react app
- can't access httponly cookie from react js but can access in postman app! how is it possible?
- Not able to get cookie from Node to React
- Cannot retrieve cookies from react request
- reactjs universal-cookie package error when calling get()
- Accessing document.cookie returns empty string even though cookies are listed in developer tools with httpOnly flag set to false
- Get cookie on first render returns undefined with universal-cookie
- Can't read 'httpOnly: false' Cookie
- How do I get cookies in react js using react-cookie?