I log into django admin. When I open firebug JS console and try to print cookies with document.cookie I only get csrftoken cookie. But when I open Firefox preferences > Privacy > Delete cookie... then I can see sessionid cookie.
How to get that on client side?
I log into django admin. When I open firebug JS console and try to print cookies with document.cookie I only get csrftoken cookie. But when I open Firefox preferences > Privacy > Delete cookie... then I can see sessionid cookie.
How to get that on client side?
Share Improve this question edited Sep 15, 2012 at 10:52 Lee Taylor 7,99416 gold badges37 silver badges53 bronze badges asked Sep 15, 2012 at 10:18 MemkeMemke 7441 gold badge8 silver badges26 bronze badges1 Answer
Reset to default 12You cannot access the session cookie because it is by default set to HTTPOnly.(You can see it using Firebug(Resources->Cookies->sessionid's HTTP column is checked))
Copying from the docs:
SESSION_COOKIE_HTTPONLY Default: True Whether to use HTTPOnly flag on the session cookie. If this is set to True, client-side JavaScript will not to be able to access the session cookie.
You can set: SESSION_COOKIE_HTTPONLY = False in your settings.py if you really want to have access to it from client side code. Nevertheless it not a remended practice.