[jQuery] Cookie Plugin and httponly cookies


I have protected my cookies by setting them to httponly, but now I am trying to check them through jQuery without sending a AJAX request that checks if the cookie exists using PHP then returns the confirmation (slower). So is there a way to read my own cookies only using jQuery?


If the cookies were set as httpOnly by the server then jQuery will not be able to read them.

This is a security feature. The idea is that the client - including client-side script - is the untrusted party. If untrusted Javascript makes its way onto the page it’s unable to access the cookies.

Checking if the cookie exists using PHP sounds like it might be an appropriate way to solve this problem and it still doesn’t require anything sensitive to be made available to Javascript. Could you include this information in the original PHP page that was generated anyway, doing away with the need for a separate request?