How to get the domain value for a cookie in Javascript?
Solution 1
Sorry, all you get is what you see in document.cookie
. The cookie metadata like path
, domain
and expires
are not visible to site code (neither to JavaScript nor to the server-side).
To read a cookie that is being shadowed by a cookie with a more-specific domain
or path
, the only thing you can do is load a page for which the more-specific cookie is out-of-scope, and read it from there.
If, as you say, you only need to remove a cookie, what you could do is try to remove the cookie at every possible level of specificity, eg.:
document.cookie= 'foo=;domain=sub.domain.example.com;expires=Sat, 01-Jan-2000 00:00:00 GMT';
document.cookie= 'foo=;domain=domain.example.com;expires=Sat, 01-Jan-2000 00:00:00 GMT';
document.cookie= 'foo=;domain=example.com;expires=Sat, 01-Jan-2000 00:00:00 GMT';
and similarly with the path
variable. You could put this in a nested loop for each path and domain part, splitting on .
for the domain and /
for the path.
Solution 2
You can only access cookies from the same domain (this includes subdomains). Obviously doing otherwise would be a security concern.
Related videos on Youtube
Aquaholic
Updated on June 03, 2020Comments
-
Aquaholic about 4 years
Using Javascript I'd like to get the
domain
value for a specific cookie.Is this possible? If so, how?
To clarify: I'm not looking for the value of the cookie. I'm on "subdomain.domain.com" and I need to remove a cookie whose name is known but its domain value is something like ".domain.com". In short: I'd like to get the value of ".domain.com".
-
kennebec about 14 yearsThe only way I know of to get cookie attributes (path, domain, expiry, security) is to tack them on the value when you create or modify the cookie or its value.
-
-
Aquaholic about 14 yearsSo basically you recommend carpet bombing. I can't see another solution either. :)
-
Amit Patil about 14 yearsYeah, that's a nice way of describing it!
-
TARKUS about 11 yearsHow does the Firefox Web Developer "View Cookie Information" utility do it? Apparently, the domain information is in there somewhere.
-
Amit Patil about 11 years@Gregory: The Web Developer extension runs as chrome, so has a higher level of access to Firefox's internal objects than you can get from plain old web site JavaScript.
-
hwjp over 7 yearsI think that's not quite true. subdomains can set cookies for a *. parent domain, as I understand it: serverfault.com/questions/153409/…
-
Dtipson over 7 yearsCorrect: one of the things cookies can do that localStorage cannot: you can set it on the main domain. Programmatically figuring out what the "toplevel" domain that you can set it on is can be complex though: you can set a cookie on amazon.com but not co.uk as co it's a special SLD. You'd have to set it on amazon.co.uk instead. So it's not as simple as "just the last two segments."