Home/ Questions/Q 8351095
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-09T08:31:37+00:00

I’m preparing some diagnostic tool. It operates on the website in the iframe –

  • 0

I’m preparing some diagnostic tool. It operates on the website in the iframe – only by javascript.

Now what I need is to get rid of session cookie in the website that I have in my iframe. I just need to be logged out after performing some operations.

Unfortunately I cannot just drop the session cookie from javascript because it’s mark with httpOnly flag. I did not found any way to open iframe in incognito mode either.

Now the rules for achiving this are following:

  • I can add any file to target website server
  • I can run any javascript on website domain
  • I can force user to use specified browser (it does not have to be cross-browser solution)
  • I can NOT modify website code
  • The solution have to be server and programming language independent

Any ideas for the workaround?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You just cant manage httpOnly cookies from javascript.

    But I think that you want to analyze the page, but also with js. So why use iframe ?

    You can fetch content of page that is to be analyzed from outside of html or javascript:

    • do ajax request to your application proxy
    • use html5 websockets as proxy server. I assume that websocket server is your. Websockets have also cross-domain ability.

    You then just need to parse fetched DOM (i saw something builtin for this). And let analyzing to begin.

    • 0