Hacker News new | past | comments | ask | show | jobs | submit login

Oof. Depending on how they store authentication data, it might be possible to get someone's session token. Let's hope the cookies are "HttpOnly".



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: