This is a migrated thread and some comments may be shown as answers.

httpOnly does not seem to work for RadPanelBar cookie

1 Answer 42 Views
PanelBar
This is a migrated thread and some comments may be shown as answers.
Shawn Taylor
Top achievements
Rank 1
Shawn Taylor asked on 19 Jul 2013, 09:08 PM
We have set httpOnly for all cookies in our web.config and we have PersistStateInCookie set to true for our RadPanelBar however the cookie generated by the RadPanelBar does not seem to be httpOnly.  We verified this using FireBug in the FireFox browser.  Is this because the cookie has be accessed by javascript that Telerik is using?

1 Answer, 1 is accepted

Sort by
0
Boyan Dimitrov
Telerik team
answered on 24 Jul 2013, 03:00 PM
Hello,

Thank you for contacting Telerik Support.

Your observations are absolutely correct and the cookie generated by RadPanelBar is not httpOnly and can be accessed on the client side using JavaScript. I would like to clarify that the httpOnly cookies could not be accessed from the JavaScript.

Hope that this will be helpful.

Regards,
Boyan Dimitrov
Telerik
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to the blog feed now.
Tags
PanelBar
Asked by
Shawn Taylor
Top achievements
Rank 1
Answers by
Boyan Dimitrov
Telerik team
Share this question
or