Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine
 
PerlMonks  

Re^2: Button insecurity

by Wassercrats
on Sep 18, 2004 at 22:40 UTC ( #392060=note: print w/ replies, xml ) Need Help??


in reply to Re: Button insecurity
in thread Button insecurity

You said "Nobody steals your cookie, or logs in as you. You clicking the link causes *your* browser to send a query to PerlMonks requesting it to do something for you."

From CB:

diotalevi 2004-09-18 18:34:02
Oh well... don't keep JS on *my* account. I'm just using the neat tricks while I can. I even touch your cookie and use it to generate a URL


Comment on Re^2: Button insecurity
Replies are listed 'Best First'.
Re^3: Button insecurity
by Anonymous Monk on Sep 18, 2004 at 23:20 UTC
    And here's the rest of the quote, for the record:

    "I even touch your cookie and use it to generate a URL to get Markov Yourself to work."

    No malicious intent, no account stealing, just some good old-fashioned fun.

Re^3: Button insecurity
by Anonymous Monk on Oct 02, 2004 at 07:25 UTC
    He uses JS to get only your username, not your password (hes nice like that).

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://392060]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (9)
As of 2015-07-30 07:46 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The top three priorities of my open tasks are (in descending order of likelihood to be worked on) ...









    Results (270 votes), past polls