[WEB SECURITY] HttpOnly and Firefox

Gervase Markham gerv at gerv.net
Fri Jul 28 18:42:22 EDT 2006


Stefano Di Paola wrote:
> Hi all,
> I wrote some toughts on how to implement  httponly cookies 
> methodology using Js on Mozilla firefox.
> 
> http://www.wisec.it/sectou.php?lang=en

Sadly, cunning though this is, it won't work. I initially thought it
would, but then one of our security guys set me straight. See the
comments here:
http://weblogs.mozillazine.org/gerv/archives/2006/07/httponly_for_firefox.html

Gerv

----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list