I already tried document.cookie and it didn't work. I tried researching but I couldn't find a solution.
Asked
Active
Viewed 3,025 times
-1
CKevin
- 13
- 1
- 2
1 Answers
3
You can't - thats the whole point of HttpOnly
A cookie with the HttpOnly attribute is inaccessible to the JavaScript Document.cookie API; it is sent only to the server. For example, cookies that persist server-side sessions don't need to be available to JavaScript, and should have the HttpOnly attribute. This precaution helps mitigate cross-site scripting (XSS) attacks
Info: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
If your cookie does not contain sensitive info (such as a server-side session) then it should not be marked HttpOnly!
Jamiec
- 133,658
- 13
- 134
- 193