Play框架，你如何在客户端访问cookie（javascript）？ [英] Play framework, how do you access cookie in client side(javascript)?

问题描述

我想尝试 https://github.com/jamesward/play-rest-我设置了我的实现的返回结果与Scala Play result.withCookies（Cookie（AUTH_TOKEN，），我的REST端点的安全性。



< authToken））。

但是，在客户端（js），不知何故当我尝试使用 document.cookie 访问。未找到Cookie。

使用 response（）的Java API，setCookie（AUTH_TOKEN，authToken）看起来不同。

div c> c> c> c> application.conf 。这意味着您无法在客户端的JavaScript中读取您的Cookie。
在 application.conf 中输入 session.httpOnly = false 。

但请考虑安全隐患。

I'm trying to implement https://github.com/jamesward/play-rest-security for my REST endpoint.

I set the returning result of my implementation with Scala Play result.withCookies(Cookie(AUTH_TOKEN, authToken)).

But, in the client side(js), somehow when i try to access using document.cookie. The cookie is not found.

With using the Java API of response().setCookie(AUTH_TOKEN, authToken) seems different though. Its accessible via document.cookie.

What am i missing here?

解决方案

It might be that httpOnly is set to true (it's so by default) in your application.conf. This means that you can't read your cookies in your JavaScript on the client side. Put session.httpOnly=false in your application.conf.

But consider the security implications.

这篇关于Play框架，你如何在客户端访问cookie（javascript）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！