lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: rms at computerbytesman.com (Richard M. Smith)
Subject: googlesyndication.com cookies

Hi,

Google is now serving ads for other Web sites.  These Google ads typically
appear as text links on a Web page for products related to the content of
the page.  Google has created a new domain, googlesyndication.com, for
serving these text link ads inside of IFRAMEs.  Google is attempting to set
a cookie for this domain, but in my experiments, they are using the standard
google.com domain name in the Set-Cookie HTTP response header.  I believe
this is a bug.

Here's an example: 

C:\>geturl http://pagead2.googlesyndication.com
HTTP/1.0 200 OK
Cache-control: private
Content-Type: text/html
Set-Cookie:
PREF=ID=43229c4f74f9288f:TM=1065889171:LM=1065889171:S=l68-x3buIwBBl
3rF; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com
Server: GWS/2.1
Content-length: 2690
Date: Sat, 11 Oct 2003 16:19:31 GMT
Connection: Keep-Alive

Richard M. Smith
http://www.ComputerBytesMan.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ