1998-01-26 - Re: NYTimes web cookies

Header Data

From: Steve Schear <schear@lvdi.net>
To: cypherpunks@cyberpass.net
Message Hash: dbef129a98ca43eaa3cf843e2914ddbd0be659509b613247c2d66da546c57715
Message ID: <v0310280ab0f19f4f8fdc@[208.129.55.202]>
Reply To: <199801251852.NAA20393@myriad>
UTC Datetime: 1998-01-26 02:11:13 UTC
Raw Date: Mon, 26 Jan 1998 10:11:13 +0800

Raw message

From: Steve Schear <schear@lvdi.net>
Date: Mon, 26 Jan 1998 10:11:13 +0800
To: cypherpunks@cyberpass.net
Subject: Re: NYTimes web cookies
In-Reply-To: <199801251852.NAA20393@myriad>
Message-ID: <v0310280ab0f19f4f8fdc@[208.129.55.202]>
MIME-Version: 1.0
Content-Type: text/plain



At 1:52 PM -0500 1/25/98, Matthew Ghio wrote:
>> Cookies and the NYTIMES subscription: NYTIMES.COM tries to store your
>> userid and password in the cookie with keywords PW= and ID=. Problem is,
>> it tries to encode them using 8-bit characters. Lucky for us, at this time
>> NYTIMES.COM does not check if userid/password are valid, just that they're
>> a part of the cookie!! So, just add these two lines to your junkbuster
>> config:
>> 
>> wafer PW=0
>> wafer ID=0
>> 
>> and nytimes.com will greet you as "0" and let you right in.
>
>
>It doesn't check the PW or ID at all except the first time you log in.
>After that it generates a new cookie titled NPLCNYT and that is the only
>cookie it checks; the PW and ID are not required to be there at all.
>If you delete the NPLCNYT cookie, it will check the PW/ID and generate
>a new one.  An example cookie is below:
>
>NPLCNYT=AAAALw>AAAAAX9IUUWiPhfALqHZuSh2mUM0yzNOwGRReAAAAAsAAAAAY3lwaGVycHVua3M>


Anyone have something similar for the WSJ?

--Steve







Thread