我正在尝试通过代码读取所有 cookie 值
cookie = document.cookie
当我执行alert(cookie)或console.log(cookie)时,我得到以下数据
phpcsls=4; __utma=229677836.804108415.1388064796.1388064796.1388064796.1; __utmb=229677836.5.10.1388064796; __utmc=229677836; __utmz=229677836.1388064796.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
但是如果我打开开发者控制台并检查 cookies 文件夹,这就是我所拥有的
我有兴趣从 cookie 中读取 PHPSESSID。我该怎么做?
最佳答案
通过查看您的开发者控制台,您可以看到您的 session cookie 已设置为 HTTP
。
这意味着 session cookie是HttpOnly。看看setcookie() documentation你会看到:
When TRUE the cookie will be made accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript. It has been suggested that this setting can effectively help to reduce identity theft through XSS attacks (although it is not supported by all browsers), but that claim is often disputed. Added in PHP 5.2.0. TRUE or FALSE
由于 session cookie 是 HttpOnly,因此无法从 Javascript 读取它。所以简短的回答是:这是不可能的。
关于javascript - 在控制台中读取 PHP session ID,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20786301/