WebApp Sec mailing list archives
RE: Session Fixation
From: Douglas Schlenker <Douglas.Schlenker () RoyalRoads ca>
Date: Tue, 1 Apr 2003 09:17:38 -0800
Ok, I'm going to bite... can you explain what IE's ^Super Cookie^ is? I've never heard of this reference before and I'm quite interested. douglas Hi, Has anyone put the Internet Explorer ^Super Cookie^ to use ? For the particular app I am working on, I can guarantee that all the user are connecting with IE over ssl. Plus they all (mainly) go through a router from the same LAN, thus appear to have the same IP. I am currently logging the super cookie to try and determine if it really is unique enough. Regards Ian --
Current thread:
- Re: Session Fixation Ian (Apr 01)
- Re: Session Fixation Fred van Engen (Apr 01)
- <Possible follow-ups>
- RE: Session Fixation Douglas Schlenker (Apr 01)
- Re: Session Fixation Matt Fisher (Apr 01)
- Re: Session Fixation Alex Russell (Apr 01)
- RE: Session Fixation Cyrill Osterwalder (Apr 01)
- Re: Session Fixation Matt Fisher (Apr 01)