Ah ha! Thanks for the reply. Now if only they would fix this misleading UX.
It was especially problematic for me since I was trying to implement changes to the application following a penetration test so wasted time thinking I'd not coded something correctly when in fact it was just a display issue. On Wednesday, 6 July 2016 06:54:38 UTC+1, Sebastian Zartner wrote: > > The *Net* panel only displays the data that is sent over the wire, i.e. > within the Cookie and Set-Cookie headers. For sent cookies this is just > the name and the value of the cookie. Therefore the other columns ( > *Domain*, *Path*, *Expires*, *Max. Age*, *HttpOnly* and *Security*) > should actually be removed as requested in issue #5698 > <https://github.com/firebug/firebug/issues/5698>. For received cookies > you'll see the columns filled like within the *Cookies* panel. > > Here's an example: > > > > <https://lh3.googleusercontent.com/--hkHqjHwloE/V3yczuxH8PI/AAAAAAAAAk4/PGJ35q9pY5sZgeLV_9hnSn7OfcKuyE8UgCLcB/s1600/Sent%2Band%2Breceived%2Bcookies.png> > > Sebastian > > On Tuesday, July 5, 2016 at 12:36:02 PM UTC+2, Peter Row wrote: >> >> Hi everyone, >> >> I'm using a combination of jquery.cookies.js and server set cookies ( >> ASP.NET MVC). >> For both the jQuery plugin and server side I am setting the default for >> HttpSecure on cookies to true, i.e. all cookies can only be sent over HTTPS. >> >> Running my site from localhost I check the cookies panel in FireBug from >> the home page, no cookies present, great this is expected. >> I then use the site and a couple of cookies get set some via JS some via >> server. >> >> My confusion... >> On the network panel if I look at the GET request for the page and switch >> to the cookies for that request it lists the cookies but the secure column >> is blank. >> If I switch to the cookies panel (i.e. the overall global for site) then >> it again lists the same cookies but this time in the secure column it shows >> true in all cases - as I would expect. >> >> The cookies are created both on JS and server side with the secure >> attribute set to true so they never existed without it set so why does >> firebug display this differently? >> >> Regards, >> Peter >> > -- You received this message because you are subscribed to the Google Groups "Firebug" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/firebug. To view this discussion on the web visit https://groups.google.com/d/msgid/firebug/158a04fa-0a9b-4a6b-8bb1-92821b06a8ed%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
