nikcub
commented
14 years ago Interesting - let me check it out. Thanks for reporting it
Open alok0 opened 14 years ago
nikcub
commented
14 years ago Interesting - let me check it out. Thanks for reporting it
nikcub
commented
14 years ago Ok Twitter is re-setting the cookie, I will work out a way around it
I am now capturing both the cookie on-set and cookie on-change events in Chrome and double-checking that the secure flag is set at that point as well. Testing it now to make sure that Twitter doesn't send it into an infinite loop.
I am still getting leaks by doing logging in via https://twitter.com/login (And also from time to time there is requests to
/scribethat are leaking cookies through.)Is twitter automatically overriding the secure cookies or something? Whatever is happening, the cookies are coming through.
Facebook on the other hand is clean, cookies do not get through, even though there are many more random non-ssl requests.