Hacker News new | past | comments | ask | show | jobs | submit login

This is something Zalewski has written about: http://lcamtuf.blogspot.com/2010/10/http-cookies-or-how-not-... --- if this kind of thing is interesting to you, his latest book, _The Tangled Web_, is excellent.



That page, and the linked browsersec pages on Google Code, are terrifying. Time to burn it all down and start from scratch.

I was particularly stunned to learn HTTP Cookie headers can clobber 'secure' cookies set over HTTPS. Eye-popping.


And to increase your terror, check out http://lcamtuf.coredump.cx/postxss/


Another vote for The Tangled Web. It's a great read.


I read that post before, maybe I missed, but where he says about DoS possibilities of cookie tossing?


Search for "Does this matter from a security perspective".

Also: take a crack at the CTF we set up. I think (a) you'll do well at it and (b) it'll be fun to watch you. http://microcorruption.com.


Yes, now I see. Weird it stayed not fixed, Public suffix list is not implemented in Chrome.

Anyway, the list is not even close to real solution (just had long discussion with @titanius on twitter why not). So many quirks and use cases of <sub>.domain.

> it'll be fun to watch you

uh. hmm, ok.


No pressure there.


You too! You helped us plan the damn thing!


The attack was also discussed in details here: http://mixedbit.org/blog/2013/04/11/dos_attack_on_cdn_users....




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: