Collaborate Disseminate
I know that sites can share some information between each other by sharing cookies amongst themselves. They have to be in some kind of agreement with each other I assume? Or can any random site read all the cookies that are currently saved… Continue reading of the cookies created by OTHER websites, which ones would the browser allow a website to access?
I recently applied for a credit card. I did it via my homebanking interface of my Dutch bank.
The issuer of the cards is ICS, and they contacted me via email (GMail) to inform me about the process. I did not reply to any of those emails (i… Continue reading How can scammers know I applied for a credit card? [closed]
I am using elysiajs for API. I am trying to use Caddyfile for that. Now I want to share cookies between all subdomains that end with .localhost. I am using caddy reverse_proxy to create subdomains like learn.localhost or docs.localhost no… Continue reading How can I share cookies with subdomain in next js? [closed]
I was using yt-dlp to download YouTube videos. It has an option to obtain cookies directly from the browser, probably all of them.
Do the browsers store the cookies with any encryption?
If so, how does the program get the cookies?
If not, … Continue reading Are cookies stored with encryption and and how do browsers protect them?
In learning more about web security, I was thinking of hiding my tool for managing cookies for auth, but putting it in a backend "API" server, and having the frontend "web" server call out to that backend server to get/… Continue reading More secure way than sending cookies through JSON from server to server?
I am working on a web app and need to have access to a user’s salted hash email in middle-ware. The simplest way to do this, for me, would be a cookie. Since this is a salted sha256 hash, even if the cookie was stolen the hacker could not … Continue reading Can I store a salted hash (sha256) of an email in a user’s cookies? [migrated]
How can websites know if I had expired the evaluation period on them?
There are several websites on internet, which offer good services, like realistic voices. I was on a random one and tried out a text-to-speech service. This website had … Continue reading Determining if user has expired 30 days on free-trial websites? [closed]
So I had this simple script that extract’s the master key and decrypts the cookies using the master key. And it was working well last time I tested it which was a year ago.
However now when I am running it, it is producing an error, basica… Continue reading Did Google change their way of encrypting Cookies in their database? [closed]
As far as I’m aware, persistence cookies are only encrypted in transit (HTTPS), but aren’t inherently encrypted while being stored locally on the user’s device.
Assuming a certain persistence cookie can be used to fully authenticate login,… Continue reading Why aren’t persistence cookies locally stored in an encrypted state?
I have a ktor web application where the server sets a secure flag cookie over a secure connection (https) on the client’s side, once he properly logged in. This cookie is required to access the authentication protected routes and should on… Continue reading Secure flag cookies are sent on a non-secure connection