Secured Loans - Credit Cards - Unblock Myspace - Remortgages - Car Finance
PDA

View Full Version : 3rd Party Cookies

sarahk
Apr 16th 2004, 3:08 pm
Is there anyway, with PHP, that I can pick up the values of 3rd party cookies?
digitalpoint
Apr 16th 2004, 4:25 pm
Nope... can't do it with anything, because the browser won't give it. It's a security risk. :) For example you could visit a random site, they could read your cookie that automatically logs you into this forum, and then utilize your account.

- Shawn
sarahk
Apr 16th 2004, 5:12 pm
so what am I blocking when I set this in IE?

http://www.pcpropertymanager.com/test/3rdPartyCookie.gif

My business need is to find out if RegNow have set an affiliate cookie because when the affiliates come to my site they all use different tactics so it's hard to know what's going on.

Sarah
digitalpoint
Apr 16th 2004, 5:23 pm
You can have a 3rd party cookie set from a site, but you cannot read it from that site.

- Shawn
sarahk
Apr 16th 2004, 5:32 pm
ok, thanks Shawn. I was hoping I'd missed something along the line ;)
mushroom
Jun 6th 2004, 11:55 am
so what am I blocking when I set this in IE?

http://www.pcpropertymanager.com/test/3rdPartyCookie.gif

Sarah

Some times web pages load content from other sites (bander adds etc) that wish to set their own cookie that is what you are blocking. :p
younghistorians
Jun 9th 2004, 5:22 pm
Nope... can't do it with anything, because the browser won't give it. It's a security risk. :) For example you could visit a random site, they could read your cookie that automatically logs you into this forum, and then utilize your account.

- Shawn

Incorrect-Flash can read 3rd party cookies-that's why many forums ban flash sigs.
digitalpoint
Jun 9th 2004, 5:26 pm
You sure about that?
younghistorians
Jun 9th 2004, 5:39 pm
You sure about that?

Almost positive, because over at Flashkit (http://www.flashkit.com), they had to stop allowing flash sigs because there was a security hole which allowed people to read other forum members cookies which contained their passwords.
digitalpoint
Jun 9th 2004, 5:48 pm
Hmmm... I've never heard of that before. The cookie is controlled by the browser, so I'm not sure how it could get around the browser's security.. but maybe... who knows.
younghistorians
Jun 9th 2004, 5:58 pm
Hmmm... I've never heard of that before. The cookie is controlled by the browser, so I'm not sure how it could get around the browser's security.. but maybe... who knows.

Maybe ask around at Flashkit-the sigs have been gone 2 years now.
RobetoRubio
Dec 19th 2004, 6:52 pm
Hi Shawn
Do you know how to do this in PHP?
I was trying with setcookie() but it doesnt work.

You can have a 3rd party cookie set from a site, but you cannot read it from that site.

- Shawn
exam
Dec 28th 2004, 8:31 pm
Apparently it is an issue.. here's what norton says about it http://www.securityfocus.com/bid/8900/solution/