Explore >> Select a destination
|
You are here 
|
attilaolah.eu | ||
| | | | |
blog.plataformatec.com.br
|
|
| | | | | A security bug (CVE-2015-8314) has been reported in Devise's remember me system. Devise implements the "Remember me" functionality by using cookies. While this functionality works across multiple devices, Devise ended-up generating the same cookie for all devices. Consequently, if a malicious user was able to steal a remember me cookie, the cookie could be used | |
| | | | |
blog.kotowicz.net
|
|
| | | | | A blog on security, malware, cryptography, pentesting, javascript, php and whatnots | |
| | | | |
www.sjoerdlangkemper.nl
|
|
| | | | | Cookies are typically sent to third parties in cross origin requests. This can be abused to do CSRF attacks. Recently a new cookie attribute was proposed to disable third-party usage for some cookies, to prevent CSRF attacks. This post will describe the same-site cookie attribute and how it helps against CSRF. | |
| | | | |
blog.ezyang.com
|
|
| | | |||
