0

Using Chrome's developer tools (tab Resources) or in Firefox's Tools (tab Storage) values like session tokens e.g. PHPSESSID can be seen. Question: How can that value be retrieved programatically? My question is not related with PHP (exclusively) but with, hopefully, Javascript. I mean, a standard way to get the values, all those shown on the mentioned tabs, at the browser side.

Addendum: If I make a request from the browser (I used an AJAX snippet) then checking in the server I can see the PHPSESSID So, there must be a way to get that value available directly from the browser.

Calamar
  • 1,378
  • 1
  • 11
  • 21

1 Answers1

0
function getCookie(cname) {
    var name = cname + "=";
    var ca = document.cookie.split(';');
    for(var i=0; i<ca.length; i++) {
        var c = ca[i];
        while (c.charAt(0)==' ') c = c.substring(1);
        if (c.indexOf(name) == 0) return c.substring(name.length,c.length);
    }
    return "";
}

getCookie('PHPSESSID');
L00_Cyph3r
  • 610
  • 3
  • 14
  • 2
    Have tried that but `document.cookie` is empty – Calamar Sep 23 '16 at 22:50
  • 2
    Can you check if the `PHPSESSID`-cookie has a http-only flag set? Also, can you post the full headers of the http-request? (anonimized ofcourse) – L00_Cyph3r Sep 23 '16 at 22:54
  • Look, if I make a request from the browser (I used an AJAX snippet) then in the server I can see the values. So, there must be a way to have the value available directly from the browser – Calamar Sep 27 '16 at 15:01
  • 2
    @Yeke There *is* a way, and this is it. There are some cookies that javascript won't read by design (http-only), and this person is trying to help you figure out if the particular cookie you are trying to read is one of those exceptions. If it is, you'll have to do something else, like read it server-side and return it as a value in the response. This answer has copy/paste code from a Google search, like literally the first result for the term "read cookie with javascript." You say, "look" to this person like they don't understand... – Chris Baker Sep 27 '16 at 16:12
  • 1
    @ChrisBaker do not take it that way man, I am saying "look" because I considered that I did not explain myself very well (actually I edited the question and it has been marked as duplicate :D Doh!). It's just that I do not understand how something that the browser shows me and which I can copy/paste, cannot be obtained through code. It's a strictly browser side problem for me. – Calamar Sep 28 '16 at 08:59
  • This is not the answer to the question. The question was not how to read cookies with JavaScript but how the special `PHPSESSID` cookie can be read with JavaScript. – Michael Käfer May 09 '20 at 13:57