Akopia Akopia Services
[Date Prev][Date Next][Thread Prev][Thread Next][Interchange by date ][Interchange by thread ]

Re: [ic] secure server

On Mon, Jan 08, 2001 at 03:27:37PM -0800, Jason Ballou wrote:

> I've found that when using the newest versions of IE
> and Netscape, the cart contents are dropped when you
> go to the secure server if the domain names do not
> match.  No idea why,

That'll be because you can't move cookies from one domain to another.  If
the cookie domain is set correctly, though, I think you could do it.  Say
your hosts were:

  www.shoppingplace.com
  secure.shoppingplace.com

If you set your cookie for shoppingplace.com instead of
www.shoppingplace.com, then I *think* secure.shoppingplace.com can also
see it.  Anyone care to confirm this?


There is a special case of a cookie exploit that can violate these rules,
however:

  http://www.cookiecentral.com/bug/index.shtml


             2
Regards, /|/|
        /   | (MSquared)
-- 
___________________________________________
M Squared  <msquared@digitalwizards.com.au>
Product development
Digital Wizards
http://www.digitalwizards.com.au

_______________________________________________
Interchange-users mailing list
Interchange-users@lists.akopia.com
http://lists.akopia.com/mailman/listinfo/interchange-users
Search for: Match: Format: Sort by: