-
Notifications
You must be signed in to change notification settings - Fork 27.5k
More powerful $cookies service #950
Comments
Working on this (first version, I'm not worried about providing jquery's "raw" option), just updating tests now. branch is here: jzacsh/angular.js@master...issue950_cookies |
Hey, sorry I forgot to update this thread. Switched teams and don't have the time do this. Someone should take this on :-) |
any updates on this? |
+1 for updates and a resolution |
+1 Not supporting secure cookies is a security issue and should be addressed ASAP. |
Just added a $200 bounty to this issue: https://www.bountysource.com/issues/68135-more-powerful-cookies-service +1 |
you could always use a different library like: https://github.com/grevory/angular-local-storage |
Would it not be possible to simply replace the existing code for cookie control with a third-party library like jQuery Cookie https://github.com/carhartl/jquery-cookie This plugin provides support for custom expiry dates, domain names (set example.com from sub.example.com etc), path values, and secure cookies, thus: $.cookie('cookiename', 'cookievalue', { expires: 7, path: '/', domain: 'example.com', secure: true }); |
Although local-storage and jQuery both provide workarounds, this ticket is for fixing the core issue within AngularJS so workarounds aren't necessary. |
angular-cookies is no longer 'core'. its more of a Angular team supported plugin now. |
+1 |
+1 - for reference this seems to work pretty well - https://github.com/ivpusic/angular-cookie - but I still think this should be part of the included Angular cookie plugin. |
+1 |
+1 The current implementation is dangerous IMO, as it makes it impossible to properly secure cookies you create. This is going to lead to Angular apps which are vulnerable to XSS attacks. |
+1 |
+1 |
👍 |
+1 |
+9001 |
+1 |
4 similar comments
+1 |
+1 |
👍 |
+1 |
Plus one |
+1 |
1 similar comment
👍 |
👍 |
Is this one still up for grabs by the community? I would love to take it on. |
I, like @Ppchiu, would be willing to take this on. |
Limitations of |
we should look into that and see if it looks suitable for inclusion as a core module (if that sounds alright with you @voronianski) |
@caitp this sounds great! |
+1 |
I'd love to take this one if it is available. however it looks like it has already been taken care of by this commit: d456789 Can any one verify this? |
+1 |
I've updated my module fix - ng-biscuit, but of course ngKookies looks more mature |
The `put`, `putObject` and `remove` methods now take an options parameter where you can provide additional options for the cookie value, such as `expires`, `path`, `domain` and `secure`. Closes angular#8324 Closes angular#3988 Closes angular#1786 Closes angular#950
The `put`, `putObject` and `remove` methods now take an options parameter where you can provide additional options for the cookie value, such as `expires`, `path`, `domain` and `secure`. Closes angular#8324 Closes angular#3988 Closes angular#1786 Closes angular#950
I want to set a cookie on the root path
/
so it's available everywhere on the domain.But the
$cookies
service only acceptsname
andvalue
, and always sets the cookiepath
to the current page viaself.baseHref()
.Could the
$cookies
service be extended to provide access to additional cookie properties likepath
,expires
,domain
andsecure
?I quite like the API of the
jquery.cookie
plugin: https://github.com/carhartl/jquery-cookie#usage. It keeps the commonname=value
use case simple and allows to set additional cookie properties via a thirdoptions
object parameter.I'm not very proficient in Javascript but I might try to implement something over the weekend.
The text was updated successfully, but these errors were encountered: