Message from JavaScript discussions

April 2019

— To catch bad people

— 

I mean honestly, with how cookies are loaded, I'd think theoretically you could host another connection to a different website on your site that users can't blatantly see, forcing the browser to actively load cookies for autologin sessions, and you could probably grab them just as you normally get and set cookies, but it'd be fairly useless imo.

— If I was going to do it, that would be the first method I'd attempt

— But honestly any half decent web dev isnt going to only rely on a session key in a cookie to authenticate users

Message permanent page

— Cookies are the ones that you set to mantain the user data in the browser right ? so what do you mean by stealing the cookie that your backend code set ?

Message permanent page

— Yes
Get more info as possible from the visitor

— Like ?

— Can you give an example ?

— If you want more info on a user, you'd have better lucky breaking out the packets they send to yoe server

Message permanent page

— Ip, location, stores passwords and last web site visited

— Storaged passwords

— *