Timeline for What is Reflected XSS?
Current License: CC BY-SA 3.0
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 9, 2020 at 18:45 | comment | added | jaybrau | @IainDuncan - True, the browser will not be able to resolve the value of document.cookie at all if the cookie was marked HttpOnly and the browser supports HttpOnly. | |
| Jun 9, 2020 at 18:37 | comment | added | jaybrau | @ilans - The content on weak-site.com instructs the client's browser to send the weak-site.com cookie to evil.com in the form of a GET parameter. | |
| May 9, 2017 at 20:42 | comment | added | Iain Duncan | Now this example, of sending the cookie value to another url, is only going to work if the cookie is not marked as httponly, correct? | |
| Mar 20, 2016 at 6:55 | comment | added | ilans | But how does a cookie sent from one domain to the other?? | |
| Oct 30, 2015 at 23:39 | review | Late answers | |||
| Oct 31, 2015 at 0:01 | |||||
| Oct 30, 2015 at 23:24 | review | First posts | |||
| Oct 31, 2015 at 0:45 | |||||
| Oct 30, 2015 at 23:20 | history | answered | jaybrau | CC BY-SA 3.0 |