Vulnerable Cookies

I’ve found a great PDF about XSS attacks and how a man in the middle can hijack your session and cookies, and also how to counter it.

https://www.isecpartners.com/files/web-session-management.pdf

You should always set the Domain and HttpOnly attributes on your cookies (HttpOnly makes the cookie inaccessible from JavaScript), and use HTTPS so the man in the middle can’t see them in plain text.
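
One way to check this advice against what a server actually sends, as an added example (not from the original post or the linked paper): it parses Set-Cookie header values and reports cookies missing Domain, HttpOnly or Secure. The Secure check goes beyond the post's wording (it is the cookie attribute that restricts a cookie to HTTPS connections); the function names and sample headers are constructed for illustration.

```python
# Added example: audit Set-Cookie header values for the attributes discussed above.
# REQUIRED lists Domain and HttpOnly (from the post) plus Secure (assumption:
# the cookie-level counterpart of "use HTTPS").
REQUIRED = ("domain", "httponly", "secure")


def parse_set_cookie(value):
    """Split one Set-Cookie header value into (cookie name, attributes dict)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive; flags such as HttpOnly have no value.
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit(headers):
    """Return {cookie name: [missing attributes]} for cookies with gaps."""
    findings = {}
    for value in headers:
        name, attrs = parse_set_cookie(value)
        missing = []
        for attr in REQUIRED:
            # An empty "Domain=" carries no scope, so count it as missing.
            if attr not in attrs or (attr == "domain" and not attrs[attr]):
                missing.append(attr)
        if missing:
            findings[name] = missing
    return findings


# Constructed sample headers (not captured from a real site).
SAMPLE_HEADERS = [
    "sid=abc123; Path=/",
    "cart=42; Domain=app.example.test; Path=/; HttpOnly",
    "auth=xyz; Domain=app.example.test; Path=/; Secure; HttpOnly",
    "pref=dark; domain=; secure; httponly; Expires=Wed, 21 Oct 2026 07:28:00 GMT",
]

if __name__ == "__main__":
    for cookie, missing in audit(SAMPLE_HEADERS).items():
        print(f"{cookie}: missing {', '.join(missing)}")
```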

Published Tuesday, January 26, 2010 10:08 AM by cipto
