Open ghost opened 5 years ago
This can be done similar to the third party scan with headless chrome. See https://stackoverflow.com/questions/50252943/puppeteer-get-3rd-party-cookies for the basic method and https://github.com/andersju/webbkoll/blob/master/misc/backend/index.js#L84 for an example implementation.
While the mere existence of a cookie is relevant from a privacy perspective, additional evaluations could focus on security aspects like cookie attributes and session management.
This can be done similar to the third party scan with headless chrome. See https://stackoverflow.com/questions/50252943/puppeteer-get-3rd-party-cookies for the basic method and https://github.com/andersju/webbkoll/blob/master/misc/backend/index.js#L84 for an example implementation.
While the mere existence of a cookie is relevant from a privacy perspective, additional evaluations could focus on security aspects like cookie attributes and session management.