PerlMonks  

Re^3: Security: Dancer Session cookie swap

by sundialsvc4 (Abbot)
on Jun 06, 2014 at 11:55 UTC


in reply to Re^2: Security: Dancer Session cookie swap
in thread Security: Dancer Session cookie swap

BrowserUK, there’s a marvelous little box at the upper right-hand corner of the screen called, “Log In.” The gods have not yet reported that this feature is not in operation.

Nevertheless, what we have before us here is a documented swap of one user’s identity for another ... and we’d better help find that explanation for what is a total compromise of some Dancer-based site. Let (s)he who has a credible theory as to why this code is flawed, and how to reliably fix it, please step forth as everything else is off-topic. Cowering behind Anonymous Monk to snipe at someone else, without clearly articulating what is wrong and why you think so, is also irrelevant to the topic of figuring out what has gone wrong here and why.

Q: What has gone wrong here, and why is it hard to reproduce, and why does it occur in this production environment at all?


Replies are listed 'Best First'.
Re^4: Security: Dancer Session cookie swap
by marto (Archbishop) on Jun 06, 2014 at 12:19 UTC

    It's ironic that you of all people are advising someone else (it would seem you believe this to be BrowserUK for reasons unknown, evidence please?) given your own history of posting as Anonymous Monk, with many unsubstantiated claims that the site logged you out.

Re^4: Security: Dancer Session cookie swap
by Anonymous Monk on Jun 06, 2014 at 12:12 UTC
    Once again, I'm not BrowserUK. Stop making things up.
