AngularJS：无法读取会话值 [英] AngularJS: Can not read session value

问题描述

• 的会话由服务器设置，当用户登录

我想找回我的角前端此值，但它说未定义

相关code是

  $ scope.logout =功能（）{
        的console.log（'会话值'，$ cookieStore.get（会议））;
    }
 

和我的应用程序还配置为包括 ngCookies

  VAR应用= angular.module（'对myApp'，['ngCookies']）;
 

当我运行我的应用程序，我看到

 会话值不确定
 

我可以然而，看到会话Chrome开发工具

什么是我失踪？

解决方案

  

什么是我失踪？

服务器设置cookie的会话cookie（ 仅Http 标志）。这意味着你不能在客户端上访问该cookie。客户端将发送cookie到服务器上的每个请求，但是客户有它的价值无法访问。这是一个仅Http cookie的非常定义。如果您希望能够在客户端上访问此cookie值，你应该修改你的服务器端脚本，这样，当它被设置cookie不追加仅Http 标志给它。显然，这种带有对安全漏洞，你可能在你的网站根据存储在这个cookie的目的和特定值打开相应的免责声明。

• The session is set by server when the user logs in

I want to retrieve this value in my angular front end, but it says undefined

The relevant code is

   $scope.logout = function () {
        console.log('session value', $cookieStore.get('session'));
    }

and my app is also configured to include ngCookies

var app = angular.module('myApp', ['ngCookies']);

when I run my application, i see

session value undefined 

I can however, see the session in Chrome Dev Tools

What is that I am missing?

解决方案

What is that I am missing?

The server set the cookie as Session cookie (HttpOnly flag). This means that you cannot access this cookie on the client. The client will send the cookie to the server on each request but the client has no access to its value. That's the very definition of an HttpOnly cookie. If you want to be able to access this cookie value on the client you should modify your server side script so that when it is setting the cookie it doesn't append the HttpOnly flag to it. Obviously this comes with the corresponding disclaimer about the security vulnerability that you might be opening on your site depending on the purpose and specific value stored in this cookie.

这篇关于AngularJS：无法读取会话值的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！