Author: Jeremy Druin
Twitter: @webpwnized
Thank you for watching. Please support this channel. Up vote, subscribe or even donate by clicking "Support" at https://www.youtube.com/user/webpwnized!
Description: Using Mutillidae, we look at the effect HTTPOnly cookies have when a page is infected with a cross-site script. The demonstration is primarily targeted at developers who wish to understand better why it is a good idea to set cookies with the HTTPOnly flag. A better solution would be to have all cookies be HTTPOnly unless the developer overrides. Mutillidae is a free web application with vulnerabilities added on purpose to give security enthusiasts and developers an application to practice various attacks and defenses. It is a free download on Sourceforge. Updates on Mutillidae are tweeted at @webpwnized.
Cross-Site Scripting Explained - Part 6: HTTPOnly Cookies
16,518 views | 18,030 followers
37 Likes | 37 Dislikes
Science & Technology | Published on 12 Jan 2012