JS Script that sends a request to a website, retrieves the cookies, and saves them into localStorage for Bypassing Bearer Authentication

JS Script that sends a request to a website, retrieves the cookies, and saves them into localStorage for Bypassing Bearer Authentication

Alza Moh Alza Moh

Alza Moh

Software Engineer | Full-stack Developer | Blockchain Developer

发布日期: 2024年11月9日
+ 关注

To send a request to a website, retrieve its cookies, and save those cookies to localStorage using JavaScript, you can use the fetch() API to make the HTTP request, and then use JavaScript to store the cookies in localStorage. However, it's important to note that cookies set by the website's server are automatically managed by the browser, and you can't directly read cookies from other domains (due to the same-origin policy).

That being said, you can still use #JavaScript to send requests to your own domain or a cross-origin domain that supports CORS (Cross-Origin Resource Sharing). If #cookies are included in the response, they will be stored in the browser's cookie storage, and you can read and store those cookies in #localStorage for use later.

Here's a basic example of how to do this using JavaScript:

// Function to send request and store cookies in localStorage
function fetchAndSaveCookies(url) {
  // Sending a GET request to the website
  fetch(url, {
    method: 'GET',
    credentials: 'include' // Ensure cookies are included in the request
  })
  .then(response => {
    // Check if the response is successful
    if (response.ok) {
      console.log("Request successful!");

      // Retrieve cookies from the browser's cookie storage
      const cookies = document.cookie.split('; ').reduce((acc, cookie) => {
        const [name, value] = cookie.split('=');
        acc[name] = value;
        return acc;
      }, {});

      // Save cookies to localStorage
      for (let [name, value] of Object.entries(cookies)) {
        localStorage.setItem(name, value);
      }

      console.log("Cookies saved to localStorage");

    } else {
      console.error("Request failed with status:", response.status);
    }
  })
  .catch(error => {
    console.error("Error occurred while making the request:", error);
  });
}

// Example usage: Replace with the actual URL of the website
const url = "https://example.com";
fetchAndSaveCookies(url);

Explanation of the Code:

  1. fetch(url, { credentials: 'include' }):This sends a GET request to the specified URL.The credentials: 'include' option is crucial if you're dealing with cookies (it allows cross-origin requests to include cookies).
  2. document.cookie.split('; '):The document.cookie property gives you all cookies associated with the current page. By splitting it at ; , we can parse each cookie and store it as a key-value pair in an object.
  3. localStorage.setItem(name, value):For each cookie, we store it in the browser's localStorage using the setItem method.

领英推荐

Important Notes:

  • Same-origin policy: You can only access cookies from the same domain, protocol, and port that your script is running on. For cross-origin requests, the server must allow the request via CORS headers, and cookies can only be accessed if credentials: 'include' is set.
  • Cookie expiration: Cookies stored in localStorage are persistent until explicitly removed. This is different from session cookies, which expire when the browser session ends.

Example Use Case:

If you send a request to a server that sets some cookies (e.g., authentication tokens), and you want to store these cookies in localStorage for later use (e.g., for maintaining a user session in a single-page application), this code will do that for you.

Let me know if you have any other questions or need more specific guidance.

要查看或添加评论,请登录

Alza Moh的更多文章

社区洞察

其他会员也浏览了