Saturday, 8 June 2013

Are there any HTTP servers that can detect two cookies with the same name, but issued from different subdomains?

Are there any HTTP servers that can detect two cookies with the same name, but issued from different subdomains?

As a follow up to the Related Domain Cookie Attack question, I'd like to see if there are any servers that are able to detect instances where multiple cookies are sent from multiple domains.
In other words, what combinations of client software and server software can detect when multiple cookies have been issued for multiple domains?

No comments:

Post a Comment