[ajug-members] Cookie question
James Thomas
arcticblast at gmail.com
Thu Jul 6 10:14:13 EDT 2006
Would this be the case for both 1st party and third party cookies?
On 7/6/06, Dean H. Saxe <dean at fullfrontalnerdity.com> wrote:
>
> Cookies are only sent to the site from which they have originated.
> So a cookie set with the domain ".fullfrontalnerdity.com" will go to
> any host in the fullfrontalnerdity.com domain, but not the foo.com
> domain. In other words, you don't have to do anything. Now, if you
> have cross-site scripting vulnerabilities, then anyone could steal
> the contents of the cookies, but that's another discussion...
>
> -dhs
>
> Dean H. Saxe, CISSP, CEH
> dean at fullfrontalnerdity.com
> "I have always strenuously supported the right of every man to his
> own opinion, however different that opinion might be to mine. He who
> denies another this right makes a slave of himself to his present
> opinion, because he precludes himself the right of changing it."
> -- Thomas Paine, 1783
>
> Find out about my Hike for Discovery at www.fullfrontalnerdity.com/hfd
>
>
>
> On Jul 6, 2006, at 9:30 AM, James Thomas wrote:
>
> > Hi Team,
> >
> > We are currently using 1st party cookies to track certain
> > information about our customers, however, we have a third party
> > business partner that creates and tracks other data about our users
> > for us as well. We want to restrict access to our third party to
> > only the cookies they are concerned with and not all of the cookies
> > in the domain. What is the best way to accomplish this? This is a
> > CF5 soon to be Java web app.
> >
> > Any thoughts?
> > _______________________________________________
> > ajug-members mailing list
> > ajug-members at ajug.org
> > http://www.ajug.org/mailman/listinfo/ajug-members
>
> _______________________________________________
> ajug-members mailing list
> ajug-members at ajug.org
> http://www.ajug.org/mailman/listinfo/ajug-members
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ajug.org/pipermail/ajug-members/attachments/20060706/eb99ff39/attachment.html
More information about the ajug-members
mailing list