> The security implications are that one domain cannot read cookies set by
> another, for privacy reasons.
Actually, there is/was a security hole in IE which allowed you to read
cookies from other domains - if people haven't installed the update, then
you can still read cookies from other domains
I'd have to dig for the vunerability notes, but it's a definite exploit that
could be used if not fixed.
Philip Arnold
ASP Multimedia Limited
T: +44 (0)20 8680 1133
"Websites for the real world"
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
**********************************************************************
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/[email protected]/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
