Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cross Site Cooking

Posted by Hemos on Monday January 30, 2006 @11:08AM from the boning-up-on-the-bad-stuff dept.

Liudvikas Bukys writes "Michal Zalewski identifies a new class of attacks on users of web applications, dubbed Cross Site Cooking. Various browsers' implementations of restrictions on where cookies come from and where they're sent are weaker than you think. Web applications that depend on the browser enforcing much will offer many opportunities for mischief."

2 of 125 comments (clear)

Min score:

Reason:

Sort:

old news from digg.com by Anonymous Coward · 2006-01-30 12:59 · Score: -1, Offtopic

Slashdot is dead.
The problem is lack of hipness... by Anonymous Coward · 2006-01-30 14:10 · Score: -1, Offtopic

People

If you really want this thing to catch on one day, trust me, just call it iPV6... [see the lowercase i?]

you'll all thank me one day...