Why can't I get 'sessionid' on the client side?
https://stackoverflow.com/questions/12436521
-
02-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
I log into django admin. When I open firebug JS console and try to print cookies with document.cookie I only get csrftoken cookie. But when I open Firefox preferences > Privacy > Delete cookie... then I can see sessionid cookie.
How to get that on client side?
해결책
You cannot access the session cookie because it is by default set to HTTPOnly.(You can see it using Firebug(Resources->Cookies->sessionid's HTTP column is checked))
Copying from the docs:
SESSION_COOKIE_HTTPONLY Default: True Whether to use HTTPOnly flag on the session cookie. If this is set to True, client-side JavaScript will not to be able to access the session cookie.
You can set: SESSION_COOKIE_HTTPONLY = False in your settings.py if you really want to have access to it from client side code. Nevertheless it not a recommended practice.
제휴하지 않습니다 StackOverflow
