Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Illegal cookies

Reply
Thread Tools

Illegal cookies

 
 
Peter James
Guest
Posts: n/a
 
      02-06-2004
I posted this to the NG opera.general, and then thought it might be a
security issue. Can anyone help.

In attempting to browse the Amazon web page Opera 7.23 returns the
following message:
"The server tried to set an illegal cookie. the combination of the
servers hostname and the domain attribute for this cookie is not
acceptable, and the cookie has therefore been rejected. You might
want to ask the sites Webmaster to set legal cookies.
Address: http://www.amazon.co.uk"

Below this is a box with the following:
"skin=; domain=amazon.com; path=/; expires wed,
01-Aug-01 12.00 GMT"

In Opera preferences cookies are set to:
normal -accept without question
3rd party - refuse without question.

I have also Opera set to delete cookies upon exit.
Can anyone help. Thanks
--

Peter James
Change AT to @ to reply
 
Reply With Quote
 
 
 
 
*Vanguard*
Guest
Posts: n/a
 
      02-06-2004
"Peter James" said in news:(E-Mail Removed):
> I posted this to the NG opera.general, and then thought it might be a
> security issue. Can anyone help.
>
> In attempting to browse the Amazon web page Opera 7.23 returns the
> following message:
> "The server tried to set an illegal cookie. the combination of the
> servers hostname and the domain attribute for this cookie is not
> acceptable, and the cookie has therefore been rejected. You might
> want to ask the sites Webmaster to set legal cookies.
> Address: http://www.amazon.co.uk"
>
> Below this is a box with the following:
> "skin=; domain=amazon.com; path=/; expires wed,
> 01-Aug-01 12.00 GMT"
>
> In Opera preferences cookies are set to:
> normal -accept without question
> 3rd party - refuse without question.
>
> I have also Opera set to delete cookies upon exit.
> Can anyone help. Thanks


Looks like it is your cookie setting which refuses 3rd party cookies.
Normally a site writes a cookie in which the domain listed within the cookie
(that can use that cookie) is the same as the site's domain. However,
sometimes a site will write a cookie for another domain (i.e., 3rd party)
which will get subsequently used. For example, when you login to Hotmail
(which uses hotmail.microsoft.com and passport.net and/or passport.com
sites), they also try to write a 3rd party cookie for some other domain (I
forget what). Since I have 3rd party cookies rejected, I see the hazard
icon in IE's status bar and when I double-click on it then it tells me the
3rd party cookies (which were written by the 1st party) that got rejected.
Apparently Opera pops up a warning. Maybe that can be turned off.

--
__________________________________________________ __________
*** Post replies to newsgroup. E-mail is not accepted. ***
__________________________________________________ __________


 
Reply With Quote
 
 
 
 
Craig Peterson
Guest
Posts: n/a
 
      02-06-2004
As a rule you can ignore 3rd party cookies -- those set on behalf of a
domain of which the server is not a member. Most often these are used
to track advertising,

Craig.

--
For a free security gap analysis visit gap.mainstream.net

Peter James wrote:

> I posted this to the NG opera.general, and then thought it might be a
> security issue. Can anyone help.
>
> In attempting to browse the Amazon web page Opera 7.23 returns the
> following message:
> "The server tried to set an illegal cookie. the combination of the
> servers hostname and the domain attribute for this cookie is not
> acceptable, and the cookie has therefore been rejected. You might
> want to ask the sites Webmaster to set legal cookies.
> Address: http://www.amazon.co.uk"
>
> Below this is a box with the following:
> "skin=; domain=amazon.com; path=/; expires wed,
> 01-Aug-01 12.00 GMT"
>
> In Opera preferences cookies are set to:
> normal -accept without question
> 3rd party - refuse without question.
>
> I have also Opera set to delete cookies upon exit.
> Can anyone help. Thanks


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Give Request.Cookies and Response.Cookies is there any reason to use another method to use cookies? _Who ASP .Net 7 09-18-2008 07:49 PM
What's the proper way of reading cookies? Request.Cookies("mycook") doesnt work user ASP .Net 3 03-31-2007 01:53 PM
Response.Cookies vs Request.Cookies Alex Nitulescu ASP .Net 1 02-03-2005 09:43 AM
Persistent Cookies vs. session cookies Andy Fish Java 3 11-06-2003 10:44 AM
Good Cookies bad Cookies? AK Computer Support 23 10-26-2003 05:20 AM



Advertisments