How can I monitor if a cookie is being sent to a domain other than the one it originated from?

Posted by Brendan Salt on Stack Overflow See other posts from Stack Overflow or by Brendan Salt
Published on 2010-04-06T18:11:21Z Indexed on 2010/04/07 2:23 UTC
Read the original article Hit count: 309

Filed under:

I am trying to write a program that will verify that all cookies sent out from the machine are in fact going to the domain they came from. This is part of a larger security project to detect cookie based malicious attacks (such as XSS). The main snag for this project is actually detecting the out-going cookies. Can someone point me in the right direction for monitoring out-going HTTP traffic for cookie information? Other information about the project: This is a windows application written in C and numerous scripting languages. Thanks so much for the help.

Related posts about cookie

ASP.Net How to enforce the HTTP get URL format?

as seen on Stack Overflow - Search for 'Stack Overflow'
[Sorry about a messy question. I believe I am targeting .Net 2.0 (for now)] Hi, I am an ASP.NET noob. For starters I am building a page that parses a URL string and populates a table in a database. I want that string to be strictly of the form: http://<server>:<port>/PageName.aspx?A=1&B=2&C=3&D=4&E=5 The… >>> More
Set-Cookie error appearing in logs when deployed to google appengine

as seen on Stack Overflow - Search for 'Stack Overflow'
I have been working towards converting one of our applications to be threadsafe. When testing on the local dev app server everything is working as expected. However, upon deployment of the application it seems that Cookies are not being written correctly? Within the logs there is an error with no… >>> More
Jquery cookie plugin - conditional content determined by cookie being set

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello I have a sign up form that is displayed to all new site visitors. If a user fills out the form, the next time they visit the site, I would like to display a "welcome back" message where the form would usually sit. I am trying to do this via the jquery cookie plugin (http://plugins.jquery… >>> More
ASP.NET resseting SessionID cookie when cookie expiration date is set

as seen on Stack Overflow - Search for 'Stack Overflow'
I have two pages: Default.aspx and WebForm1.aspx. One of these pages stores a session variable which works fine until I add code which ads expiration date to SessionID cookie. What happens is: Open default.aspx Set-Cookie ASP.NET_SessionId=14jhsdfq23jkh13jkh12k1; expires=Fri, 19-Mar-2010… >>> More
Redirect to new page if cookie doesn't exist or if the value of cookie is 'false'

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a DOB 'Are you over 18' script which when the form is filled out, validates if they are over 18 or not for a tobacco site I am working on. When this form is filled it stores a cookie 'ageCheck' with a value of either true or false. I'm having some issues with a bit of javascript which is stored… >>> More

Developer IT

How can I monitor if a cookie is being sent to a domain other than the one it originated from? - Developer IT

How can I monitor if a cookie is being sent to a domain other than the one it originated from?

cookie

c

http

security

Related posts about cookie

ASP.Net How to enforce the HTTP get URL format?

Set-Cookie error appearing in logs when deployed to google appengine

Jquery cookie plugin - conditional content determined by cookie being set

ASP.NET resseting SessionID cookie when cookie expiration date is set

Redirect to new page if cookie doesn't exist or if the value of cookie is 'false'

Related posts about c

Categories cloud