Chrome developer tools > resources > cookies > http column, does a checkmark here indicate HttpOnly cookie?

google-chrome cookies google-chrome-devtools httponly
user854894 picture user854894 · Jul 7, 2012 · Viewed 53k times · Source

Does the checkmark at the Http column of Chrome devtool's Cookie resource panel indicate a HttpOnly cookie?

I can't find docs that confirm this, though I suspect it is the case. I am trying to verify my app is using HttpOnly for session cookies.

Answer

Rob W picture Rob W · Jul 7, 2012

Yes. Enter document.cookie in the console, and you'll see that none of the checked cookies are visible.

Name Value Domain Path Expires Size HTTP Secure

HTTP = HttpOnly flag, Secure = secure flag.

Related questions

How to use Postman Interceptor

Ever since I upgraded to Postman 0.9.6 I can't replicate user sessions because chrome doesn't allow postman to get user cookies. However, they have decided to "work around" this issue by created another plugin called Postman Interceptor that routes your postman …

Read More
How to tell why a cookie is not being sent?

I'm using chrome and I'm wondering if there is either an extension or a method to tell why a cookie is not being sent. I have one request I'm making to http://dev/login and it's returning, Set-Cookie:DevId=cffbc7…

Read More
SameSite warning Chrome 77

Since the last update, I'm having an error with cookies, related with SameSite attribute. The cookies are from third party developers (Fontawesome, jQuery, Google Analytics, Google reCaptcha, Google Fonts, etc.) The errors in the Chrome console are like this. A …

Read More