GitHub

万能 Cookie 获取工具,突破 httponly 限制!

这是一个 Chrome 浏览器扩展,可以获取当前网站的所有 cookie,包括 HttpOnly 标记的 cookie。 访问你想要获取 cookie 的网站 点击 ...
GitHub

Should a ServiceWorker be able to read HttpOnly cookies?

Existing server-side session cookie systems sometimes use HttpOnly cookies to avoid XSS-driven session cookie stealing. However, these single-cookie sessions (often implemented by server-side web app ...