CFA/Security-Research/Cookies: Difference between revisions
< CFA | Security-Research
Jump to navigation
Jump to search
No edit summary |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
<br> | <br> | ||
<small>« [[CFA/Security-Research|Security Research]]</small> | <small>« [[CFA/Security-Research|Security Research]]</small> | ||
=== Current Capabilities === | === Current Capabilities === | ||
* | * Accepting cookies | ||
** Exceptions | |||
** Show cookies/cookie manager | |||
** Discard when quitting | |||
=== Upcoming Capabilities === | === Upcoming Capabilities === | ||
=== Features by 3rd parties or other browsers === | === Features by 3rd parties or other browsers === | ||
* | * Accept cookies only from the current site (OmniWeb) | ||
* Block/prompt/accept third-party cookies (IE) | |||
=== Additional features === | === Additional features === | ||
=== Screenshots === | === Screenshots === | ||
[[image:CookieIE.PNG]] | |||
[[ | |||
=== Conclusions === | === Conclusions === | ||
* Outside of privacy concerns, cookie security concerns lie in cross-site scripting | |||
** One site can gain unauthorized access to another site's cookies through flaws in the website. Is this something the browser can prevent? | |||
Latest revision as of 00:24, 8 August 2007
« Comparative Feature Analyses
« Security Notes
« Security Research
Current Capabilities
- Accepting cookies
- Exceptions
- Show cookies/cookie manager
- Discard when quitting
Upcoming Capabilities
Features by 3rd parties or other browsers
- Accept cookies only from the current site (OmniWeb)
- Block/prompt/accept third-party cookies (IE)
Additional features
Screenshots
Conclusions
- Outside of privacy concerns, cookie security concerns lie in cross-site scripting
- One site can gain unauthorized access to another site's cookies through flaws in the website. Is this something the browser can prevent?