[luau] dirty cookie trick(?)
Virgil
virgil at hawaii.rr.com
Mon Jul 7 15:48:01 PDT 2003
A cookie is a cookie and whether or not its embedded in ssl it should still
be recognized by the browser as such; as a cookie. I would be very surprised
if they have cookies embedded into an ssl site which is able to get around
the cookie acceptance process. But with the new concepts that they are
coming up with now I could be wrong.
Virgil
On 7/7/03 11:28 AM, "R. Scott Belford" <sctinc at flex.com> wrote:
> Virgil wrote:
>> Scott,
>>
>> You can have you browser set to not accept cookies or have it notify you
>> when its asking for a cookie. You can even clear your browser of all cookies
>> if you want it to. Cookies doesn't have to and cannot permanently reside on
>> your harddrive.
>
> I should be a smidgeon more clear. I don't accept cookies by default.
> I tend to be less skeptical of offers to accept ssl certificates. I
> have to wonder if doubleclick has considered this and decided to embed
> their ads in ssl so as to shield the user from the offer to accept
> cookies from its domain. I just don't know if they could gather some of
> the same metrics from this method vs. using cookies.
>
> --scott
>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
More information about the LUAU
mailing list