Well heres what Scott said about session cookies: These cookies are not saved to any local Folders or harddrive, and only reside in memory during the current Browser window session (a virtual cookie-jar).
These cookies only pass back their data to the Domain that assigned them, so they are safe from capture by all other domains. Which is why Session Cookies are not considered the same thing as regular cookies, because regular cookies can be captured by other sites. Regular Cookies are what those Marketing guys with the annoying popup adds are using. ----- Original Message ----- From: "Nicholas Froome" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 6:04 AM Subject: RE: Witango-Talk: cookies > This is the longest thread I've seen on this list re Cookies, and very welcome it is too > > Many sites autheticate you when you return by reading cookies set during a previous visit. If this cookie is readable by other sites when you visit those sites, isn't this data vulnerable? > > Amazon, for one, knows your name when you return - because they've linked your account to your cookie. I don't know if they allow you to purchase things without further authentication but, if they did, details of your cookie would give someone access to your account > > How are other developers dealing with this? Is this an issue we should consider? > > ________________________________________________________________________ > TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf > ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/maillist.taf
