0

Is it possible to access a C# created cookie via Javascript and change the value? (I'm aware that it's a security measure - but whats the alternative)

C#

 HttpCookie myCookie = new HttpCookie("theName", "theValue");
 Response.Cookies.Add(myCookie);

Javascript

console.log(document.cookie) //doesn't include my cookie..
ManxJason
  • 928
  • 12
  • 33
  • if its HTTP cookie then you cant access them in javascript. Yes you can access the cookie and change the value in javascript. – Vikash Mar 26 '15 at 13:26
  • Is there an alternative way to create a cookie, using c#, without restricting javascript access? – ManxJason Mar 26 '15 at 13:27
  • Where and when are you adding the cooking in C#? Page_Load? – jtimperley Mar 26 '15 at 13:27
  • @jtimperley Global.asax – ManxJason Mar 26 '15 at 13:28
  • A cookie is a cookie, it is the same to create it from your C# code or from Javascript :) So of course you can access it wherever you want (C# or JS) – bviale Mar 26 '15 at 13:28
  • Please see ["Should questions include “tags” in their titles?"](http://meta.stackexchange.com/questions/19190/should-questions-include-tags-in-their-titles), where the consensus is "no, they should not"! –  Mar 26 '15 at 13:30
  • @AndreasNiedermair Many apologies, – ManxJason Mar 26 '15 at 13:31
  • Check to see how you are creating the cookie? http://stackoverflow.com/questions/8064318/how-to-read-a-secure-cookie-using-javascript – kingdango Mar 26 '15 at 13:31

1 Answers1

1

HttpCookie is by default protected - i.e. Javascript cannot read them. Setting the following bool property allows access.

myCookie.HttpOnly = false
ManxJason
  • 928
  • 12
  • 33