Vicent Martí (via Jeff Johnson): As we’ve seen, by overflowing the cookie jar in the web browser, we can craft requests with evil cookies that cannot be blocked server-side. There’s nothing particularly new here: Both Egor’s original proof of concept and the variations exposed here have been known for a while.As it stands right now, … Continue reading Yummy Cookies Across Domains