back to article Last week's cookie-vuln won't be the last, security bod says

In the wake of last week's cookie security warning, accomplished Polish penetration tester Dawid Czagan has dug up a separate issue with Apple's Safari. The bug Czagan has reported to Apple relates to its handling of the HTTPOnly flag, again leaving cookies open to attack. Internet Explorer too suffers from cookie domain …

  1. Will Godfrey Silver badge
    Meh

    Belt & Braces

    I block cookies by default. If a website insists (and I actually find it worth bothering with). I don't follow any links, and close the browser when I've finished with that site.

  2. -v(o.o)v-

    HSTS means HTTP Strict Transport Security - not "HTTP Secure Transport Security" as mentioned in the article.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019