Hi all, I read in cookies management wiki that if the XSS security by HttpOnly cookie was activated cookie weren't useable in JS anymore. However as I use accordion and treeview which are in JQuery plugin integrate to yii, I was wondering how could I write my cookie in an Http/php way in order to fill XSS security prevention ??
I understood that with CJavaScript I could pass a variable from PHP to JS. So that meaning I can read a PHP cookie and give his value to a JS variable then use it. However If I want to modify his value... as accordion and treeview are manage by JS, how can I write it keeping HttpOnly set to true ??
I understood that with CJavaScript I could pass a variable from PHP to JS. So that meaning I can read a PHP cookie and give his value to a JS variable then use it. However If I want to modify his value... as accordion and treeview are manage by JS, how can I write it keeping HttpOnly set to true ??