[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] HttpOnly and Firefox

From: Gervase Markham <gerv@xxxxxxxx>
Subject: Re: [WEB SECURITY] HttpOnly and Firefox
Date: Fri, 28 Jul 2006 23:42:22 +0100

Stefano Di Paola wrote:
> Hi all,
> I wrote some toughts on how to implement  httponly cookies 
> methodology using Js on Mozilla firefox.
> 
> http://www.wisec.it/sectou.php?lang=en

Sadly, cunning though this is, it won't work. I initially thought it
would, but then one of our security guys set me straight. See the
comments here:
http://weblogs.mozillazine.org/gerv/archives/2006/07/httponly_for_firefox.html

Gerv

----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- Re: [WEB SECURITY] HttpOnly and Firefox
  - From: Stefano Di Paola

References:
- [WEB SECURITY] HttpOnly and Firefox
  - From: Stefano Di Paola

Prev by Date: Re: [WEB SECURITY] Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
Next by Date: [WEB SECURITY] XSS Hands on Podcast has been released
Previous by thread: [WEB SECURITY] HttpOnly and Firefox
Next by thread: Re: [WEB SECURITY] HttpOnly and Firefox
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site