Timeline for Do we need to logout of webapps?
Current License: CC BY-SA 3.0
2 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 14, 2013 at 13:08 | comment | added | Rohan | An interesting attack vector would be to see if a man in the middle sniffer on your NAT'd LAN could break a session's encryption, obtain a cookie-token pair, forge a malicious post request, encrypt it with the encapsulated cookie-token and form data and send it off via your public IP. | |
| Oct 14, 2013 at 13:03 | history | answered | Rohan | CC BY-SA 3.0 |