WebApp Sec mailing list archives

cookie with empty domain field

From: Thomas Biege <tom () electric-sheep org>
Date: Wed, 20 Oct 2010 17:39:07 +0200

Hello everybody,

what happens to cookies with an empty domain field? I know that cookies
only having a top-level domain in it can be problemetic but did they also
leak if this field is empty?

Cheers
Thomas 



This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

Current thread:

cookie with empty domain field Thomas Biege (Oct 20)
- Re: cookie with empty domain field Jason Ross (Oct 20)