• Welcome to Valhalla Legends Archive.
 

Cookies (Web browser)

Started by Lenny, February 04, 2005, 11:47 PM

Previous topic - Next topic

Lenny

I've noticed that when a server sends a client the cookie values, some sites send such things as username and password in plaintext.  But the browser stores it differently.  I know that different browsers store cookies in different formats, but how does IE store such cookie values?

Also, iirc, more sophisticated websites enable 'auto-login' for a client without the server ever having to send the password.  Or allows the client to login without ever having to send (in plaintext) the password.  Does the server send a hashing or encryption algorithm for the browser?  Or is it more standardized?
The Bovine Revolution
Something unimportant

Live Battle.net:

WARNING: The preceding message may have contained content unsuitable for young children.

Kp

1) It doesn't matter how IE stores cookies, you shouldn't be using IE on the open net.
2) Probably, but without a specific example, there's no way to know for sure.  Another possible strategy would be to use the cookie in the canonical sense, such that the data on the client truly is a magic value.  That is, the server rolls some completely arbitrary token and saves that with your user record as being a valid login token, then gives you that token for when you come back.  As soon as you log out of the site, that token is useless forever-after.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

MyndFyre

Quote from: Kp on February 05, 2005, 10:46 AM
1) It doesn't matter how IE stores cookies, you shouldn't be using IE on the open net.
You might still want to know how IE stores cookies because, whether or not it *should* be true, the fact is that IE is the most widely-used browser.
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Ban

Yeah, because people are uninformed and companies refuse to migrate to the far better firefox

Kp

Quote from: MyndFyre on February 07, 2005, 05:00 PMYou might still want to know how IE stores cookies because, whether or not it *should* be true, the fact is that IE is the most widely-used browser.

It is more widely used, but that's no reason to permit using it here if he can avoid it.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

Lenny

I was not intending to use IE for my web browsing but merely wondering how a popular browser such as IE would save cookies. 

Apparently stealing cookies isn't a necessarily hard task to do, they can pose a big security risk for those of us that keep our sessions open, such as the ones for these forums =\
The Bovine Revolution
Something unimportant

Live Battle.net:

WARNING: The preceding message may have contained content unsuitable for young children.

hismajesty

Quote from: Kp on February 08, 2005, 03:55 PM
Quote from: MyndFyre on February 07, 2005, 05:00 PMYou might still want to know how IE stores cookies because, whether or not it *should* be true, the fact is that IE is the most widely-used browser.

It is more widely used, but that's no reason to permit using it here if he can avoid it.

Just because you don't use IE, doesn't mean 95% of the people with an internet connection don't. And, obviously, that's reason enough to want to learn about how a piece of software works.