Ask the master, for example, in the following http request request headers information, is it possible to get the value of this cookie through js? Please tell me whether to modify this Cookie value using js!
漂亮男人2017-05-19 10:28:56
First of all, you need to check whether the message has set httpOnly
,如果设置了这个属性,那么在客户端是无法通过js
读取甚至是操作cookie
信息的。设置这个字段主要是为了防止xss
注入攻击,防止cookie
信息被盗取。
如果没有设置httpOnly
属性,就可以通过浏览器提供相关的API
对cookie
进行操作,也可以使用一些第三方的库来对cookie
information when the backend returns, for example, https://github.com/js-cookie/...
習慣沉默2017-05-19 10:28:56
Check in the developer tools to see if it is http only. If it is http only, js cannot be read or written.