473,320 Members | 2,107 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

a few questions about cookies

I am creating a cookie based on a referral id like
www.mydomain.com/refid=3444

I call the cookie 'refidbymber' in the javascript that saves the 3444 to be
viewed on the web page.

1. Is it possible for another web page to create a cookie called
'refidnumber' and overwrite my cookie that I placed on the persons pc?

2. Is there a way to hide the javascript in the url? you can see exactly
the code to create, retrieve the cookie info.
Isnt this dangerous?

Thanks in advance
Jul 23 '05 #1
3 1063
In article <0T*****************@newsread1.news.pas.earthlink. net>,
je***@mindspring.com says...
I am creating a cookie based on a referral id like
www.mydomain.com/refid=3444

I call the cookie 'refidbymber' in the javascript that saves the 3444 to be
viewed on the web page.

1. Is it possible for another web page to create a cookie called
'refidnumber' and overwrite my cookie that I placed on the persons pc?
Yes, as long as it's on the same domain.
2. Is there a way to hide the javascript in the url? you can see exactly
the code to create, retrieve the cookie info.
Generate it server-side and encrypt it. Decrypt is server-side too.

Isnt this dangerous?


Possibly.

--
Hywel I do not eat quiche
http://kibo.org.uk/
http://kibo.org.uk/mfaq.php
Jul 23 '05 #2

"Hywel Jenkins" <hy**********@hotmail.com> wrote in message
news:MP************************@news.individual.ne t...
In article <0T*****************@newsread1.news.pas.earthlink. net>,
je***@mindspring.com says...
I am creating a cookie based on a referral id like
www.mydomain.com/refid=3444

I call the cookie 'refidbymber' in the javascript that saves the 3444 to be viewed on the web page.

1. Is it possible for another web page to create a cookie called
'refidnumber' and overwrite my cookie that I placed on the persons pc?


Yes, as long as it's on the same domain.
2. Is there a way to hide the javascript in the url? you can see exactly the code to create, retrieve the cookie info.


Generate it server-side and encrypt it. Decrypt is server-side too.

Isnt this dangerous?


Possibly.

--
Hywel I do not eat quiche
http://kibo.org.uk/
http://kibo.org.uk/mfaq.php


Thanks for your response

what do you mean if it is on the same domain?

How can I generate server - side and encrypt it or decrypt it?
Sorry about the questions, I am new to javascript.

Thanks
Jul 23 '05 #3
In article <2e*****************@newsread1.news.pas.earthlink. net>,
je***@mindspring.com says...

"Hywel Jenkins" <hy**********@hotmail.com> wrote in message
news:MP************************@news.individual.ne t...
In article <0T*****************@newsread1.news.pas.earthlink. net>,
je***@mindspring.com says...
I am creating a cookie based on a referral id like
www.mydomain.com/refid=3444

I call the cookie 'refidbymber' in the javascript that saves the 3444 to be viewed on the web page.

1. Is it possible for another web page to create a cookie called
'refidnumber' and overwrite my cookie that I placed on the persons pc?
Yes, as long as it's on the same domain.
2. Is there a way to hide the javascript in the url? you can see exactly the code to create, retrieve the cookie info.


Generate it server-side and encrypt it. Decrypt is server-side too.

Isnt this dangerous?


Possibly.

Thanks for your response

what do you mean if it is on the same domain?

How can I generate server - side and encrypt it or decrypt it?


Depends on your scripting language. Most server-side languages either
have built-in cookie functions or libraries that handle them for you.
Encryption - RC4 is nice and simple.
Sorry about the questions, I am new to javascript.


That's not a problem. Using JavaScript for this may be, though. If you
want encryption that's secure it may be the wrong technology: if CS
JavaScript needs to decrypt a string, the encryption key will also need
to be client-side.

--
Hywel I do not eat quiche
http://kibo.org.uk/
http://kibo.org.uk/mfaq.php
Jul 23 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

10
by: Marcus | last post by:
Hi All, First, just wanted to say that I found what I thought was a very helpful tutorial on sessions in case anyone out there has questions on them: ...
4
by: Brian Burgess | last post by:
Hi all, Anyone know of any special issues with storing cookies with ASP? I'm trying this with two browsers: One is IE 6.0 with cookies set to 'prompt'. This has been working properly as any...
20
by: Brian Burgess | last post by:
Hi all, Anyone know if this is possible? If so, on which page would the cookie be? .. On the page calling a function defined in the include file? thanks in advance.. -BB
1
by: YT | last post by:
Couple of quick ASP (3.0) Cookie questions: 1/ I'm using a cookie in my asp script to place cookies (within a key) so my code looks like: Response.Cookies( "quoteform" )( "name" ) = Session(...
0
by: Dr. Lovable | last post by:
Hidee, I'm pretty much a newbie and I'm sure most of these questions have been answered before, but humor me, okay? I keep reading that Session variables are evil things to be avoided. Is it...
6
by: Mark | last post by:
Hi... I've come across some weird bug with Response.Cookies. Or maybe it will be called "by design" but for the life of me I can't figure out what purpose it would serve. If you're setting a...
1
by: Wiktor Zychla | last post by:
Hello, I am an experienced Win.Forms developer and now I am learning ASP.NET (no ASP background). there are some basic issues I do not understand and cannot find any satisfable answers. 1. my...
7
by: et | last post by:
I'm not sure I understand the use of the ViewState. Do I understand correctly that values of controls are automatically held in a hidden control called ViewState? If so, then why can't we get...
1
by: Shapper | last post by:
Hello, I am working on an ASP.NET / VB web page. How can I set a cookie in my visitor computer and also a Session Cookie? And how can I retrieve their values? I will run it when page loads....
2
by: Eman | last post by:
Greetings to PHP people! I'm acquainted with PHP about five days (more precisely, with the web programming in general). However i have some other experiences in programming. The first thing i...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.