1997-08-08 - Re: Query on cookies

Header Data

From: Declan McCullagh <declan@pathfinder.com>
To: “Dr.Dimitri Vulis KOTM” <dlv@bwalk.dm.com>
Message Hash: 5bbacc8aabef57bfb665dc46723654ab49af24b7dbb9746f7e5b93caf4e3317c
Message ID: <Pine.GSO.3.95.970807232303.2811A-100000@cp.pathfinder.com>
Reply To: <R5u3ae3w165w@bwalk.dm.com>
UTC Datetime: 1997-08-08 07:41:19 UTC
Raw Date: Fri, 8 Aug 1997 15:41:19 +0800

Raw message

From: Declan McCullagh <declan@pathfinder.com>
Date: Fri, 8 Aug 1997 15:41:19 +0800
To: "Dr.Dimitri Vulis KOTM" <dlv@bwalk.dm.com>
Subject: Re: Query on cookies
In-Reply-To: <R5u3ae3w165w@bwalk.dm.com>
Message-ID: <Pine.GSO.3.95.970807232303.2811A-100000@cp.pathfinder.com>
MIME-Version: 1.0
Content-Type: text/plain



I believe this is what the folks at Netscape tried to eliminate in 4.0,
which I'm told features four cookie settings. One rejects "third party
cookies."

-Declan


On Thu, 7 Aug 1997, Dr.Dimitri Vulis KOTM wrote:

> Declan McCullagh <declan@well.com> writes:
> 
> > Thanks for the help, folks. This is for an article on privacy I was
> > working on, and I found the info I needed. For instance, Netscape's
> > explanation of the protocol left me wondering about whether cookies from
> > acme.com could be requested by competitor.com.
> The answer is YES, although it requires a little work.
> 
> Suppose that you point your browser at http://www.A.com/index.html.
> 
> Suppose that file contains an <img src="http://www.B.com/X.cgi">.
> The CGI file displays a little picture, and also gets or sets a cookie.
> 
> Suppose you next browse http://www.C.com/index.html, and it too
> contains the same <img src...>.  Since the cookie is "owned" by B.com,
> not A.com or C.com, the cgi file can track your movement from A.Com to
> B.Com.
> 
> 
> ---
> 
> Dr.Dimitri Vulis KOTM
> Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
> 
> 






Thread