Closed UsoulKind closed 1 year ago
First of all this is a question and not a bug report. Therefore it would have been raised at https://forum.greenbone.net/ at best.
Second no you can't. And it's by intention. You have two tokens. First the session cookie and second the login token. Only the login token is accessible via JS. The session cookie is set by your browser automatically with every request after a successful login. Thus you don't have to care about it. The login token must be gathered during the login procedure and added to every request.
--http-only Serve HTTP only, without SSL.
Can I use ‘--http-only’ to control gsad's httponly config? Or , is there any way to close httponly? I want to get the cookie by script, Thanks!