Re: how does host B know that its visitor is the one that visited host A?

Or... they are the same server... (adwords google and google analytics for example).

Rejecting cookies of transcluded content seems like a good idea for a realistic approach.
It would break many functionality such as the Facebook friends-bar or fans-bar which can show "your friends"; it would also break the google analytics quality but it would not break existing functionality of log-in-through forms.

It should still tolerate a site difference such as static.mysite.net and app.mysite.net.

paul


Le 14 août 2011 à 13:36, Jonathan Rees a écrit :
>> are you assuming the servers communicate to one another?
> 
> They are obviously communicating - otherwise the 2nd server wouldn't
> show information only the 1st knows. But they do so via an
> hub-and-spokes intermediary, as Alan explained. There is probably no
> direct relationship between the two.
> 
> I found the behavior disconcerting because I don't expect Expedia (or
> Kayak or whoever it was) to be broadcasting my travel planning
> behavior. I'm not saying there's a law saying they can't, and I'm not
> saying that the recipient has a way to know my personal identity, but
> I can imagine scenarios in which this leak could turn out badly for
> someone.

Received on Sunday, 14 August 2011 13:54:35 UTC