I already tried document.cookie and it didn't work. I tried researching but I couldn't find a solution.
Asked
Active
Viewed 548 times
-2
CKevin
- 3
- 1
1 Answers
2
You can't - thats the whole point of HttpOnly
A cookie with the HttpOnly attribute is inaccessible to the JavaScript Document.cookie API; it is sent only to the server. For example, cookies that persist server-side sessions don't need to be available to JavaScript, and should have the HttpOnly attribute. This precaution helps mitigate cross-site scripting (XSS) attacks
Info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
If your cookie does not contain sensitive info (such as a server-side session) then it should not be marked HttpOnly!
Jamiec
- 128,537
- 12
- 134
- 188