PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
Luke
The Ninja Space Mod
Posts: 6424 Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA
Post
by Luke » Mon Jan 16, 2006 7:10 pm
Just a quick question - and call me lazy if you will... I was just wondering if cookies set by javascript can be understood by php and visa versa... I know I could write a script to test this and bla bla bla, but I was just wondering if anybody had a yes or no answer,
Jenk
DevNet Master
Posts: 3587 Joined: Mon Sep 19, 2005 6:24 am
Location: London
Post
by Jenk » Mon Jan 16, 2006 7:18 pm
yes.
EDIT: picked at the post..
duk
Forum Contributor
Posts: 199 Joined: Wed May 19, 2004 8:45 am
Location: London
Post
by duk » Tue Jan 17, 2006 12:59 am
cookie is always a cookie
foobar
Forum Regular
Posts: 613 Joined: Wed Sep 28, 2005 10:08 am
Post
by foobar » Tue Jan 17, 2006 6:49 am
duk wrote: cookie is always a cookie
Well said.
Luke
The Ninja Space Mod
Posts: 6424 Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA
Post
by Luke » Tue Jan 17, 2006 12:43 pm
Just gotta ask the stupid questions.. haha
Ambush Commander
DevNet Master
Posts: 3698 Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US
Post
by Ambush Commander » Tue Jan 17, 2006 12:45 pm
One of the greatest XSS vectors... JavaScript reading cookies.
foobar
Forum Regular
Posts: 613 Joined: Wed Sep 28, 2005 10:08 am
Post
by foobar » Tue Jan 17, 2006 1:14 pm
Ambush Commander wrote: One of the greatest XSS vectors... JavaScript reading cookies.
Yea, unfortunately. There are workarounds, so perhaps the adequacy of this "feature" should be reconsidered.
raghavan20
DevNet Resident
Posts: 1451 Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:
Post
by raghavan20 » Tue Jan 17, 2006 6:39 pm
It is often difficult to change one particular cookie from the set of cookies in Javascript which is easier with server side languages.