Re: [Full-disclosure] Exploiting sibling domains cookie isolation policy to DoS CDN users

2013-04-11 Thread Jan Wrobel
On Thu, Apr 11, 2013 at 6:05 PM, Jann Horn wrote:
> On Thu, Apr 11, 2013 at 05:01:57PM +0200, Jan Wrobel wrote:
>> [...]
>
> CDNs could mitigate this by, instead of resetting connections with lots of headers, just reading all the cookies and throwing them into the bit bucket instead of kee

Re: [Full-disclosure] Exploiting sibling domains cookie isolation policy to DoS CDN users

2013-04-11 Thread Jann Horn
On Thu, Apr 11, 2013 at 05:01:57PM +0200, Jan Wrobel wrote:
> Hello,
>
> In short:
>
> Browsers can be easily cut from any resources hosted on Content Delivery Networks that use a domain shared between users, by a visit to a malicious site that sets a large number of cookies on the common pre

Re: [Full-disclosure] Exploiting sibling domains cookie isolation policy to DoS CDN users

2013-04-11 Thread Jan Wrobel
On Thu, Apr 11, 2013 at 6:32 PM, Michal Zalewski wrote:
> This is fairly well-known, I think; for example, there's a mention of this here (search for appspot.com):
>
> http://lcamtuf.blogspot.com/2010/10/http-cookies-or-how-not-to-design.html

Yes, the idea of such a DoS technique is not new, but

Re: [Full-disclosure] Exploiting sibling domains cookie isolation policy to DoS CDN users

2013-04-11 Thread Michal Zalewski
This is fairly well-known, I think; for example, there's a mention of this here (search for appspot.com):

http://lcamtuf.blogspot.com/2010/10/http-cookies-or-how-not-to-design.html

I think it's also covered in "The Tangled Web"; it's also why you see domains such as blogspot.com and appspot.com i

[Full-disclosure] Exploiting sibling domains cookie isolation policy to DoS CDN users

2013-04-11 Thread Jan Wrobel
Hello,

In short:

Browsers can be easily cut from any resources hosted on Content Delivery Networks that use a domain shared between users, by a visit to a malicious site that sets a large number of cookies on the common prefix of the CDN domain. For example, an HTML document on 'foo.rackcdn.com' (