- From: Andrew Daviel <andrew@daviel.org>
- Date: Fri, 28 Apr 2000 18:33:46 -0700 (PDT)
- To: www-talk@w3.org
An advisory recently about a cookie security problem : http://www.peacefire.org/security/jscookies/ A site can set a cookie which contains a script, then open a frame on your cookie file thus executing the script with the domain of your PC, able to parse HTML files and directories on your PC. Cookies were also mentioned in the "cross platform scripting advisory" - which is really about web forums, chat rooms and query scripts being able to attack other HTML forms on the same server. Andrew Daviel http://vancouver-webpages.com/andrew Deniable unless digitally signed.
Received on Friday, 28 April 2000 23:12:43 UTC