An `HttpOnly` cookie means that it&#39;s **not** available to scripting languages like JavaScript. So in JavaScript, there&#39;s absolutely no API available to get/set the `HttpOnly` attribute of the cookie, as that would otherwise defeat the meaning of `HttpOnly`.

Just set it as such on the server side using whatever server side language the server side is using. If JavaScript is absolutely necessary for this, you could consider to just let it send some (ajax) request with e.g. some specific request parameter which triggers the server side language to create an HttpOnly cookie. But, that would still make it easy for hackers to change the `HttpOnly` by just XSS and still have access to the cookie via JS and thus make the `HttpOnly` on your cookie completely useless.

I have some PNG images which consist of a black shape and a transparent background.
Unfortunately, IrfanView shows transparent background as black color, so I see just black on black. I&#39;ve found in Irfan settings that I can change the window&#39;s background color, but it changes only around the image, the transparent color is still black.

Is there any way to change the color displayed as transparent, or, optimally, use white-grey squares like Photoshop?

Setting transparent images background in IrfanView

While running `junit` test in `eclipse` I am getting this `Exception`:

    java.lang.NoClassDefFoundError: org/hamcrest/SelfDescribing

I&#39;ve added `junit.jar` library file.

I&#39;ve tried different versions of junit.jar: `4.4`, `4.8`, etc.

How do I fix this Exception?

java.lang.NoClassDefFoundError: org/hamcrest/SelfDescribing

I have a cookie that is NOT `HttpOnly` Can I set this cookie to `HttpOnly` via JavaScript?

Set a cookie to HttpOnly via Javascript

<p>I have a cookie that is NOT <code>HttpOnly</code> Can I set this cookie to <code>HttpOnly</code> via JavaScript?</p>


I am trying to watch my model value from inside my linking function.

    scope.$watch(attrs.ngModel, function() {
           console.log(&quot;Changed&quot;); 
        });

When I change the model value inside my controller, the $watch function is not triggered.

    $scope.myModel = &quot;ACT&quot;;
    
    $timeout(function() {
       $scope.myModel = &quot;TOTALS&quot;; 
    }, 2000);

Fiddle: http://jsfiddle.net/dkrotts/BtrZH/4/

What am I missing here?

$watch ngModel from inside directive using isolate scope

I have two HTML pages: form.html and display.html. In form.html, there is a form:

    &lt;form action=&quot;display.html&quot;&gt;
    	&lt;input type=&quot;text&quot; name=&quot;serialNumber&quot; /&gt;
    	&lt;input type=&quot;submit&quot; value=&quot;Submit&quot; /&gt;
    &lt;/form&gt;

The form data is sent to display.html. I want to display and use the form data `serialNumber` in display.html, as shown below:

    &lt;body&gt;
        &lt;div id=&quot;write&quot;&gt;
            &lt;p&gt;The serial number is: &lt;/p&gt;
        &lt;/div&gt;
        &lt;script&gt;
        function show() {
    	    document.getElementById(&quot;write&quot;).innerHTML = serialNumber;
        }
        &lt;/script&gt;
    &lt;/body&gt;

So how can I pass the `serialNumber` variable from form.html to display.html so that the above code in display.html will show the serial number and the JavaScript function show() gets the `serialNumber` from the first HTML?

passing form data to another HTML page

Say I have an array like this:

    var arr = [
        {type:&quot;orange&quot;, title:&quot;First&quot;},
        {type:&quot;orange&quot;, title:&quot;Second&quot;},
        {type:&quot;banana&quot;, title:&quot;Third&quot;},
        {type:&quot;banana&quot;, title:&quot;Fourth&quot;}
    ];

and I want this to be split up into arrays that have objects which have same type so:

    [{type:&quot;orange&quot;, title:&quot;First&quot;},
    {type:&quot;orange&quot;, title:&quot;Second&quot;}]
    
    [{type:&quot;banana&quot;, title:&quot;Third&quot;},
    {type:&quot;banana&quot;, title:&quot;Fourth&quot;}]

But I want to do this generically so not having an if statement that specifies orange or banana

    // not like this
    for (prop in arr){
        if (arr[prop] === &quot;banana&quot;){
           //add to new array
        }
    }

Thoughts? JQuery and Underscore are both options to use.

break array of objects into separate arrays based on a property

I have an HTML file named `showMap.html`:

&lt;!-- language: lang-html --&gt;

    &lt;!DOCTYPE html&gt;
    &lt;html&gt;

    &lt;head&gt;
      &lt;meta name=&quot;viewport&quot; content=&quot;initial-scale=1.0, user-scalable=no&quot; /&gt;
      &lt;meta http-equiv=&quot;content-type&quot; content=&quot;text/html; charset=UTF-8&quot; /&gt;
      &lt;title&gt;Map&lt;/title&gt;
      &lt;script type=&quot;text/javascript&quot; src=&quot;http://maps.google.com/maps/api/js?sensor=false&quot;&gt;
      &lt;/script&gt;
      &lt;script type=&quot;text/javascript&quot; src=&quot;js/map.js&quot;&gt;&lt;/script&gt;
    &lt;/head&gt;

    &lt;body onload=&quot;showPosition()&quot;&gt;
      &lt;div id=&quot;map_canvas&quot; style=&quot;width:500px;height:500px;&quot;&gt;&lt;/div&gt;
    &lt;/body&gt;

    &lt;/html&gt;

And another JavaScript file `map.js` is placed in the `js` folder of the same directory.

This code works fine when the HTML file is loaded, but this does not work when I run it in the server.

I use Python&#39;s Flask framework for back-end programming and the funny thing is that the same thing will work well if I expand the JavaScript code inside the HTML file. The only problem is with the external file.

External JavaScript file is not getting added when running on Flask

The typical way of creating a Javascript object is the following:

    var map = new Object();
    map[myKey1] = myObj1;
    map[myKey2] = myObj2;

I need to create such a map where both keys and values are Strings. I have a large but static set of pairs to add to the map.

Is there any way to perform something like this in Javascript:

    var map =  { { &quot;aaa&quot;, &quot;rrr&quot; }, { &quot;bbb&quot;, &quot;ppp&quot; } ... };

or do I have to perform something like this for each entry:

    map[&quot;aaa&quot;]=&quot;rrr&quot;;
    map[&quot;bbb&quot;]=&quot;ppp&quot;;
    ...

Basically, remaining Javascript code will loop over this map and extract values according to criterias known &#39;at runtime&#39;. If there is a better data structure for this looping job, I am interested too. My objective is to minimize code.

How to fill a Javascript object literal with many static key/value pairs efficiently?

There are many blogs and discussions about WebSocket and HTTP, and many developers and sites strongly advocate WebSockets, but I still can not understand why.

For example (arguments of WebSocket lovers):

&gt; HTML5 Web Sockets represents the next evolution of web communications—a full-duplex, bidirectional communications channel that operates through a single socket over the Web. - [websocket.org][1]

HTTP supports streaming: request body streaming(you are using it while uploading large files) and response body streaming.

&gt; During making the connection with WebSocket, client, and server exchange data per frame which is 2 bytes each, compared to 8 kilobytes of HTTP header when you do continuous polling.

Why do that 2 bytes not include TCP and under TCP protocols overhead?

    GET /about.html HTTP/1.1
    Host: example.org

This is ~48 bytes HTTP header.

HTTP chunked encoding - [Chunked transfer encoding][2]:

    23
    This is the data in the first chunk
    1A
    and this is the second one
    3
    con
    8
    sequence
    0

- So, the overhead per each chunk is not big.


Also, both protocols work over TCP, so all TCP issues with long-live connections are still there.

### Questions:

1. Why is the WebSockets protocol better?
1. Why was it implemented instead of updating the HTTP protocol?


  [1]: https://web.archive.org/web/20210812191126/http://www.websocket.org/quantum.html
  [2]: https://en.wikipedia.org/wiki/Chunked_transfer_encoding

WebSockets protocol vs HTTP

[WWDC 2012 session 706 - Networking Best Practices][1] explains [HTTP Pipelining][2].  

- By default [its disabled][3] on iOS
- In the talk its described it as a huge performance win.

Why might you not want to use it?

![pipelining][4]


  [1]: https://developer.apple.com/videos/wwdc/2012/?id=706
  [2]: http://en.wikipedia.org/wiki/HTTP_pipelining
  [3]: https://developer.apple.com/documentation/foundation/nsmutableurlrequest/1412705-httpshouldusepipelining
  [4]: http://i.stack.imgur.com/MbAOA.png

What are the disadvantage(s) of using HTTP pipelining?

I&#39;m simply trying to create a node server that outputs the HTTP status of a given URL.

When I try to flush the response with res.write, I get the error: throw new TypeError(&#39;first argument must be a string or Buffer&#39;);

But if I replace them with console.log, everything is fine (but I need to write them to the browser not the console).

The code is

    var server = http.createServer(function (req, res) {
    	res.writeHead(200, {&quot;Content-Type&quot;: &quot;text/plain&quot;});
    
    	request({
    		uri: &#39;http://www.google.com&#39;,
    		method: &#39;GET&#39;,
    		maxRedirects:3
    	}, function(error, response, body) {
    		if (!error) {
    			res.write(response.statusCode);
    		} else {
    			//response.end(error);
    			res.write(error);
    		}
    	});		
    
    	res.end();
    });
    server.listen(9999);

I believe I should add a callback somewhere but pretty confused and any help is appreciated.



nodejs - first argument must be a string or Buffer - when using response.write with http.request

My script is called by server. From server I&#39;ll receive `ID_OF_MESSAGE` and `TEXT_OF_MESSAGE`. 

In my script I&#39;ll handle incoming text and generate response with params: `ANSWER_TO_ID` and `RESPONSE_MESSAGE`.

The problem is that I&#39;m sending response to incomming `&quot;ID_OF_MESSAGE&quot;`, but server which send me message to handle will set his message as delivered to me (It means I can send him response to that ID), after receiving http response 200. 

One of solution is to save message to database and make some cron which will be running each minute, but I need to generate response message immediately. 

Is there some solution how to send to server http response 200 and than continue executing php script?

Thank you a lot

continue processing php after sending http response

*Cross-origin resource sharing* is a mechanism that allows a web page to make XMLHttpRequests to another domain (from [Wikipedia][1]).

I&#39;ve been fiddling with CORS for the last couple of days and I think I have a pretty good understanding of how everything works. 

So my question is not about how CORS / preflight work, it&#39;s about **the reason behind coming up with preflights as a new request type**. I fail to see any reason why server A needs to send a preflight (PR) to server B just to find out if the real request (RR) will be accepted or not - it would certainly be possible for B to accept/reject RR without any prior PR. 

After searching quite a bit I found [this piece][2] of information at www.w3.org (7.1.5):

&gt; *To protect resources against cross-origin requests that could not originate from certain user agents before this specification existed a
&gt; preflight request is made to ensure that the resource is aware of this
&gt; specification.*

I find this is the hardest to understand sentence ever. My interpretation (should better call it &#39;best guess&#39;) is that it&#39;s about protecting server B against requests from server C that is not aware of the spec. 

Can someone please explain a scenario / show a problem that PR + RR solves better than RR alone?



  [1]: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
  [2]: https://www.w3.org/TR/cors/#preflight-request

What is the motivation behind the introduction of preflight CORS requests?

I&#39;m new with angularjs...

I read the docs, and completed the tutorial; i also tried something else by myself, and things start to make sense to me.

Now i wonder how to make a **safe authentication system**.

The easy part: no code, i will describe operations my code execute:

&gt; I&#39;ve a classic form: username, and password text input.
&gt; 
&gt; The user fills the form, and press ENTER. 
&gt; 
&gt; An ajax request starts, and the response is a JSON telling me
&gt; something like &quot;ok i know you&quot; or &quot;i don&#39;t know who you are&quot;.

**What i need now is to mantain the logged status of the visitor (or not logged) between the different views of my application.**

I read on the internet that, to achieve this objective, someone sets a variable ($scope.isLogged = true), someone else uses cookies; but javascript variables, and cookies can be easily edited using firebug, or similiar development tools.

... and finally the question:

So, **have you some suggestion to achieve a safe authentication system in an angularjs app?**

How to achieve a Safe (!) authentication system in an angularjs app?

In Rails 3, what is the difference between storing data in a cookie and storing data in a session, with the session store set to the default of CookieStore?

e.g.

    cookie[:foo] = &#39;bar&#39;

    # MyApp::Application.config.session_store :cookie_store, key: &#39;_myapp_session&#39;
    session[:foo] = &#39;bar&#39;

As far as I can tell, both end up stored in a client-side cookie.

When would you choose to use one over the other?

Thanks.

Cookies vs Sessions with CookieStore

I&#39;m working on an application based on AngularJS on client side and Java for my API (Tomcat + Jersey for WS) on server side.

Some path of my API are restricted, if the user doesn&#39;t have a session the response status returned is 401. On the client side, 401 http status are intercepted to redirect the user to the login page.

Once the user is authenticated, I create a session on the server side &lt;pre&gt;httpRequest.getSession(true);&lt;/pre&gt;
and the response send to the client does have the Set-cookie instruction in its header :
&lt;pre&gt;
Set-Cookie:JSESSIONID=XXXXXXXXXXXXXXXXXXXXX; Domain=localhost; Path=/api/; HttpOnly
&lt;/pre&gt;

The problem is that the cookie is never put on the client side. When I inspect cookie for localhost domain it&#39;s empty, so the next requests don&#39;t have this cookie in their header and client side still couldn&#39;t access to the restricted path of my API.

The client and the server are on the same domain but they don&#39;t have the same path and the same port number :

Client : `http://localhost:8000/app/index.html`

Server : `http://localhost:8080/api/restricted/`

Additional info : CORS is enabled on the both side :
&lt;pre&gt;&quot;Access-Control-Allow-Methods&quot;, &quot;GET, POST, OPTIONS&quot;
&quot;Access-Control-Allow-Origin&quot;, &quot;*&quot;
&quot;Access-Control-Allow-Credentials&quot;, true&lt;/pre&gt;

Any idea for making the Set-cookie works properly ?
Is it an AngularJS related issue ? 

Set-Cookie in HTTP header is ignored with AngularJS

I&#39;m working on a PhoneGap app with server session usage. It needs cookies to handle the session. Additionally, the cookie from the load balancer should be handled, too. So there is no way around. How do you handle Cookies in your PhoneGap app?

I have already accomplished some research:

 - Some say cookie handling might depend on the server not setting cookies for unknown user agents (IIS): https://stackoverflow.com/questions/10019418/phonegap-session-cookies-on-ios
 - In JavaScript cookies can be set with document.cookie = ..., but they are not saved in PhoneGap and lost. Before firing xhr requests it works.
 - Cookies can be retrieved after xhr request with xhr.getResponseHeader(&#39;Set-Cookie&#39;). But only when actually set on the server. Unfortunately, jQuery strips the &quot;Cookie&quot; header.
 - The JavaScript document.cookie property is not assigned and not updated after (xhr)requests.
 - Some suggest the localStorage to save session ids etc. But all scripts can access it and this might be XSS security issue. Cookies work around this issue by using the httponly flag.
 - iOS: There are some modifications which will change the webView behaviour to support cookies. But they seem not to work with iOS 6 and PhoneGap 2.5: https://groups.google.com/forum/?fromgroups=#!topic/phonegap/ZJE1nxX63ow
 - Cookies seem to be enabled by default in the AppDelegate.m (v2.5).



Handling cookies in PhoneGap/Cordova

I have this real strange problem with client side javascript setting cookies. I&#39;m developing a little 1 page demo at the moment to use cookies to store some &#39;preferences&#39;. Please note that I can&#39;t use a server side language for this demo or any 3rd party jQuery plugins.

So I&#39;ve written a javascript object to set a cookie:

    var cookie = {
      set: function (name,value,exdays) {
      
        var exdate = new Date();
        exdate.setDate(exdate.getDate() + exdays);
        var value = escape(value) + ((exdays==null) ? &quot;&quot; : &quot;; expires=&quot;+exdate.toUTCString());
        document.cookie=name + &quot;=&quot; + value;
        console.log(document.cookie);
      }
    }

    cookie.set(&#39;foo&#39;,&#39;bar&#39;,2);
    console.log(document.cookie);

It just returns an empty string. I&#39;ve gone into Chrome console to see if I can do it via directly modifying `document.cookie`

    &gt; document.cookie = &quot;foo=bar&quot;;
    &quot;foo=bar&quot;
    &gt; document.cookie
    &quot;&quot;

How do you set a cookie via client side javascript?

**Edit: I am not in incognito mode and cookies are enabled.**

Content Type	Original Author	Original Content on Stackoverflow
Question	user887983	View Question on Stackoverflow
Solution 1 - Javascript	BalusC	View Answer on Stackoverflow

Set a cookie to HttpOnly via Javascript

Javascript Problem Overview

Javascript Solutions

Solution 1 - Javascript

java.lang.NoClassDefFoundError: org/hamcrest/SelfDescribing

Setting transparent images background in IrfanView

Attributions