W3C home > Mailing lists > Public > www-talk@w3.org > March to April 2000

Re: Security: Cookies

From: Al Gilman <asgilman@iamdigex.net>
Date: Sat, 29 Apr 2000 10:25:39 -0500
Message-Id: <200004291420.KAA1213841@smtp2.mail.iamworld.net>
To: Andrew Daviel <andrew@daviel.org>, www-talk@w3.org
How do your proposals compare as to information model with the work of

Open GIS Consortium 



At 06:33 PM 2000-04-28 -0700, Andrew Daviel wrote:
>An advisory recently about a cookie security problem :
>A site can set a cookie which contains a script, then
>open a frame on your cookie file thus executing the script with
>the domain of your PC, able to parse HTML files and directories
>on your PC.
>Cookies were also mentioned in the "cross platform scripting
>advisory" - which is really about web forums, chat rooms and
>query scripts being able to attack other HTML forms on the same
>Andrew Daviel      
>Deniable unless digitally signed.
Received on Saturday, 29 April 2000 10:19:39 UTC

This archive was generated by hypermail 2.4.0 : Monday, 20 January 2020 16:08:24 UTC