[2392] in WWW Security List Archive
Re: Cookies??? May I take your e-mail address, too ?
daemon@ATHENA.MIT.EDU (Alan Olsen)
Thu Jul 11 21:20:25 1996
Date: Thu, 11 Jul 1996 15:43:57 -0700
To: Jens Thiel <thielj@athene.informatik.uni-bonn.de>,
www-security@ns2.rutgers.edu
From: Alan Olsen <alano@teleport.com>
Cc: thielj@athene.informatik.uni-bonn.de (Jens Thiel)
Errors-To: owner-www-security@ns2.rutgers.edu
At 09:18 PM 7/11/96 +0200, Jens Thiel wrote:
>I don't know if those people discussing over cookies know the
>javascript 'feature' of grabbing an e-mail address while loading
>a page. Combine this with cookies and log information!!!
>
>See http://www.Bonn.CityNet.DE/surprise.html for an example.
This does not appear to work with Netscape 3.0 beta 5. (I believe this
security hole was fixed a few versions back.)
Also, the page is in German... Hard to read when you do not speak the
language...
---
Alan Olsen -- alano@teleport.com -- Contract Web Design & Instruction
`finger -l alano@teleport.com` for PGP 2.6.2 key
http://www.teleport.com/~alano/
"We had to destroy the Internet in order to save it." - Sen. Exon
"Microsoft -- Nothing but NT promises."
