Closed
Bug 109978
Opened 23 years ago
Closed 23 years ago
read cookies set by other servers
Categories
(Core :: Networking: Cookies, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: wfm, Assigned: morse)
Details
From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:0.9.5+) Gecko/20011113 BuildID: 2001111303 I was writing some perl scripts to run on my own Linux server to teach myself about reading and setting cookies. I was testing them running a Windows laptop. print "Content-type:text/html\n\n"; $cdata = $ENV{'HTTP_COOKIE'}; ($name,$cid) = split(/=/,$cdata); print $cdata; I used the script extract to read a cookie from my PC, and then dislay it in the web page. My domain name (macscan.co.uk) is and always has been hosted on a Linux server. However, when I ran the script it gave me something like the following: SITESERVER=ID=kuyf65yig67565ro78t95r6r87t. I then did a search in my cookies file and found this same long key in repeated several times, as well the word SITESERVER. If I am not wrong Site server is some Microsoft technology, so itcouldn't have come from me. So why was I able to read other cookies whilst running a perl script on my own server. I have never set any cookies with the name SITESERVER, and a web server should only be able to read it's own cookies, surely ?? Reproducible: Always Steps to Reproduce: #!/usr/bin/perl -w print "Content-type:text/html\n\n"; $cdata = $ENV{'HTTP_COOKIE'}; ($name,$cid) = split(/=/,$cdata); print $cdata; Actual Results: It printed out the cookie name and value of some one elses cookie. Expected Results: Read the cookie I was trying/failing to set. I have since deleted all cookies with the name SITESERVER and the problems no longer occurs.
Assignee | ||
Comment 1•23 years ago
|
||
Please attach a screen shot of your cookie-manager window. In particular I want to see the cookie whose name is SITESERVER. Select that cookie before taking the screenshot so we can see what the properties of that cookie are.
Assignee | ||
Comment 2•23 years ago
|
||
Reporter, please respond to my request above. Thanks.
Assignee | ||
Comment 3•23 years ago
|
||
Marking as invalid per lack of reporter's response to my questions.
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•