efronbs
commented
7 years ago Currently I am eliminating all session cookies, but I am doing no scrubbing beyond that.
Secure cookies are also a potential indicator of a cookie that should not be shared. It may be worth it to look into analyzing secure cookies and perform some analysis to intelligently scrub them. If I decide to do this is will be opened as a separate issue.
Because this application will share cookies between users, it is important to ensure that I am not sharing any private information.
I need to find a way to analyze a given cookie, and determine if it is shareable or not.