[GH-ISSUE #24] caution: do not use domain cookies #22

New issue

Closed

opened 2026-02-26 09:34:59 +03:00 by kerem · 1 comment

kerem commented

2026-02-26 09:34:59 +03:00

Owner

Originally created by @ThomasWaldmann on GitHub (Oct 22, 2013).
Original GitHub issue: https://github.com/nsupdate-info/nsupdate.info/issues/24

ThomasWaldmann wrote:
we only use single host cookies, this issue just serves as a warning:

if we would use domain cookies like for ".nsupdate.info", all hosts in that domain would be able to read and write these cookies. our sites, but also users' sites.

Originally created by @ThomasWaldmann on GitHub (Oct 22, 2013). Original GitHub issue: https://github.com/nsupdate-info/nsupdate.info/issues/24 ThomasWaldmann wrote: we only use single host cookies, this issue just serves as a warning: if we would use domain cookies like for ".nsupdate.info", all hosts in that domain would be able to read and write these cookies. our sites, but also users' sites.

kerem closed this issue

2026-02-26 09:35:00 +03:00

kerem commented

2026-02-26 09:35:00 +03:00

Author

Owner

@ThomasWaldmann commented on GitHub (Oct 22, 2013):

ThomasWaldmann wrote:
moved warning to documentation (security.rst) in new org repo

@ThomasWaldmann commented on GitHub (Oct 22, 2013): ThomasWaldmann wrote: moved warning to documentation (security.rst) in new org repo