Skip to content
This repository has been archived by the owner on Apr 12, 2024. It is now read-only.

More powerful $cookies service #950

Closed
reichart opened this issue May 11, 2012 · 67 comments
Closed

More powerful $cookies service #950

reichart opened this issue May 11, 2012 · 67 comments

Comments

@reichart
Copy link

I want to set a cookie on the root path / so it's available everywhere on the domain.

But the $cookies service only accepts name and value, and always sets the cookie path to the current page via self.baseHref().

Could the $cookies service be extended to provide access to additional cookie properties like path, expires, domain and secure?

I quite like the API of the jquery.cookie plugin: https://github.com/carhartl/jquery-cookie#usage. It keeps the common name=value use case simple and allows to set additional cookie properties via a third options object parameter.

I'm not very proficient in Javascript but I might try to implement something over the weekend.

@jzacsh
Copy link
Contributor

jzacsh commented Aug 31, 2012

Working on this (first version, I'm not worried about providing jquery's "raw" option), just updating tests now.

branch is here: jzacsh/angular.js@master...issue950_cookies

@jzacsh
Copy link
Contributor

jzacsh commented Mar 9, 2013

Hey, sorry I forgot to update this thread. Switched teams and don't have the time do this. Someone should take this on :-)

@eddiemonge
Copy link
Contributor

any updates on this?

@solidspark
Copy link

+1 for updates and a resolution

@wkonkel
Copy link

wkonkel commented Sep 24, 2013

+1 Not supporting secure cookies is a security issue and should be addressed ASAP.

@rappo
Copy link

rappo commented Sep 25, 2013

Just added a $200 bounty to this issue: https://www.bountysource.com/issues/68135-more-powerful-cookies-service

+1

@eddiemonge
Copy link
Contributor

you could always use a different library like: https://github.com/grevory/angular-local-storage

@lewisgoddard
Copy link

Would it not be possible to simply replace the existing code for cookie control with a third-party library like jQuery Cookie https://github.com/carhartl/jquery-cookie

This plugin provides support for custom expiry dates, domain names (set example.com from sub.example.com etc), path values, and secure cookies, thus:

$.cookie('cookiename', 'cookievalue', { expires: 7, path: '/', domain: 'example.com', secure: true });

@wkonkel
Copy link

wkonkel commented Oct 7, 2013

Although local-storage and jQuery both provide workarounds, this ticket is for fixing the core issue within AngularJS so workarounds aren't necessary.

@eddiemonge
Copy link
Contributor

angular-cookies is no longer 'core'. its more of a Angular team supported plugin now.

@Narretz
Copy link
Contributor

Narretz commented Dec 17, 2013

+1

@bwdolphin
Copy link

+1 - for reference this seems to work pretty well - https://github.com/ivpusic/angular-cookie - but I still think this should be part of the included Angular cookie plugin.

@johannesjo
Copy link

+1

@ghost ghost assigned jeffbcross Jan 31, 2014
@jeffbcross jeffbcross removed their assignment Feb 3, 2014
@jeffbcross jeffbcross added this to the Backlog milestone Feb 4, 2014
@jonrimmer
Copy link

+1
We were just bitten by this, with cookies being shared between different environments running on the same host but different ports.

The current implementation is dangerous IMO, as it makes it impossible to properly secure cookies you create. This is going to lead to Angular apps which are vulnerable to XSS attacks.

@lucianenache
Copy link

+1
what is the current status?

@kbanman
Copy link

kbanman commented Feb 19, 2014

+1
I'd like to be able to set path, expiry and domain

@HNygard
Copy link
Contributor

HNygard commented Mar 18, 2014

👍

@bfowle
Copy link

bfowle commented Sep 17, 2014

+1

@Jazzepi
Copy link

Jazzepi commented Sep 18, 2014

+9001

@marcmenges
Copy link

+1

4 similar comments
@taly
Copy link

taly commented Sep 20, 2014

+1

@ghost
Copy link

ghost commented Sep 24, 2014

+1

@takashi
Copy link
Contributor

takashi commented Oct 6, 2014

👍

@sjogreen-sp
Copy link

+1

@JordanRClark
Copy link

Plus one

@corkupine
Copy link

+1

1 similar comment
@grantgeorge
Copy link

👍

@dallasvogels
Copy link

👍

@PatrickJS
Copy link
Member

PatrickJS commented Dec 11, 2014

👍

Tipe CMS

@petebacondarwin petebacondarwin modified the milestones: 1.4.x, Backlog Dec 14, 2014
@Ppchiu
Copy link

Ppchiu commented Dec 16, 2014

Is this one still up for grabs by the community? I would love to take it on.

@martinmcwhorter
Copy link

I, like @Ppchiu, would be willing to take this on.

@voronianski
Copy link

Limitations of $cookieStore forced me to port common and well-known jquery-cookie plugin as separate Angular cookie provider, check it here - https://github.com/voronianski/ngKookies

@caitp
Copy link
Contributor

caitp commented Dec 28, 2014

we should look into that and see if it looks suitable for inclusion as a core module (if that sounds alright with you @voronianski)

@voronianski
Copy link

@caitp this sounds great!

@zoltantarcsay
Copy link

+1

@gelus
Copy link

gelus commented Jan 27, 2015

I'd love to take this one if it is available. however it looks like it has already been taken care of by this commit: d456789

Can any one verify this?
@zoltantarcsay, since you've most recently +1ed it, is it still an issue?

@catindev
Copy link

catindev commented Feb 3, 2015

+1

@stevermeister
Copy link
Contributor

I've updated my module fix - ng-biscuit, but of course ngKookies looks more mature

@shahata shahata closed this as completed in 92c366d Mar 2, 2015
hansmaad pushed a commit to hansmaad/angular.js that referenced this issue Mar 10, 2015
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes angular#8324
Closes angular#3988
Closes angular#1786
Closes angular#950
netman92 pushed a commit to netman92/angular.js that referenced this issue Aug 8, 2015
The `put`, `putObject` and `remove` methods now take an options parameter
where you can provide additional options for the cookie value, such as `expires`,
`path`, `domain` and `secure`.

Closes angular#8324
Closes angular#3988
Closes angular#1786
Closes angular#950
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.