W3C home > Mailing lists > Public > www-tag@w3.org > August 2011

Re: how does host B know that its visitor is the one that visited host A?

From: Paul Libbrecht <paul@hoplahup.net>
Date: Sun, 14 Aug 2011 15:53:53 +0200
Cc: www-tag@w3.org
Message-Id: <762E1EAC-B720-4786-829E-5B23929DC5E0@hoplahup.net>
To: Jonathan Rees <jar@creativecommons.org>


Or... they are the same server... (adwords google and google analytics for example).

Rejecting cookies of transcluded content seems like a good idea for a realistic approach.
It would break many functionality such as the Facebook friends-bar or fans-bar which can show "your friends"; it would also break the google analytics quality but it would not break existing functionality of log-in-through forms.

It should still tolerate a site difference such as static.mysite.net and app.mysite.net.

paul


Le 14 août 2011 à 13:36, Jonathan Rees a écrit :
>> are you assuming the servers communicate to one another?
> 
> They are obviously communicating - otherwise the 2nd server wouldn't
> show information only the 1st knows. But they do so via an
> hub-and-spokes intermediary, as Alan explained. There is probably no
> direct relationship between the two.
> 
> I found the behavior disconcerting because I don't expect Expedia (or
> Kayak or whoever it was) to be broadcasting my travel planning
> behavior. I'm not saying there's a law saying they can't, and I'm not
> saying that the recipient has a way to know my personal identity, but
> I can imagine scenarios in which this leak could turn out badly for
> someone.
Received on Sunday, 14 August 2011 13:54:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:39 GMT