W3C home > Mailing lists > Public > www-talk@w3.org > March to April 2000

Re: Security: Cookies

From: Al Gilman <asgilman@iamdigex.net>
Date: Sat, 29 Apr 2000 10:25:39 -0500
Message-Id: <200004291420.KAA1213841@smtp2.mail.iamworld.net>
To: Andrew Daviel <andrew@daviel.org>, www-talk@w3.org
How do your proposals compare as to information model with the work of

Open GIS Consortium 

http://www.opengis.org/

Al

At 06:33 PM 2000-04-28 -0700, Andrew Daviel wrote:
>
>An advisory recently about a cookie security problem :
>
>http://www.peacefire.org/security/jscookies/
>
>A site can set a cookie which contains a script, then
>open a frame on your cookie file thus executing the script with
>the domain of your PC, able to parse HTML files and directories
>on your PC.
>
>Cookies were also mentioned in the "cross platform scripting
>advisory" - which is really about web forums, chat rooms and
>query scripts being able to attack other HTML forms on the same
>server.
>
>
>Andrew Daviel      
>http://vancouver-webpages.com/andrew
>Deniable unless digitally signed.
> 
Received on Saturday, 29 April 2000 10:19:39 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:24 GMT