Sohom Datta (talk | contribs) |
Al Begamut (talk | contribs) →Supercookie: grammar (punctuation) Tags: Mobile edit Mobile web edit Advanced mobile edit |
A ''supercookie'' is a cookie with an origin of a [[top-level domain]] (such as <code>.com</code>) or a public suffix (such as <code>.co.uk</code>). Ordinary cookies, by contrast, have an origin of a specific domain name, such as <code>example.com</code>.
Supercookies can be a potential security concern and are therefore often blocked by web browsers. If unblocked by the browser, an attacker in control of a malicious website could set a supercookie and potentially disrupt or impersonate legitimate user requests to another website that shares the same top-level domain or public suffix as the malicious website. For example, a supercookie with an origin of <code>.com</code>
The [[Public Suffix List]]<ref name="oN0iG">{{cite web|url=https://publicsuffix.org/learn/|title=Learn more about the Public Suffix List|website=Publicsuffix.org|access-date=28 July 2016|archive-url=https://web.archive.org/web/20160514000450/https://publicsuffix.org/learn/|archive-date=14 May 2016|url-status=live}}</ref> helps to mitigate the risk that supercookies pose. The Public Suffix List is a cross-vendor initiative that aims to provide an accurate and up-to-date list of domain name suffixes. Older versions of browsers may not have an up-to-date list, and will therefore be vulnerable to supercookies from certain domains.
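The check described above, as an added example that is not part of the article or of any browser's code: it classifies a cookie's <code>Domain</code> attribute against a small constructed excerpt of Public Suffix List rules, including a wildcard and an exception rule. The names <code>PSL_RULES</code>, <code>public_suffix</code> and <code>cookie_scope</code> are hypothetical, and hosts are assumed to be DNS names rather than IP addresses.

```python
# Constructed excerpt of Public Suffix List rules; the real list is far longer.
PSL_RULES = {"com", "uk", "co.uk", "ck", "*.ck", "!www.ck"}


def public_suffix(host: str) -> str:
    """Return the public suffix of host under the PSL matching algorithm."""
    labels = host.lower().strip(".").split(".")
    best = labels[-1:]  # implicit default rule "*": the last label alone
    for i in range(len(labels)):
        candidate = labels[i:]
        name = ".".join(candidate)
        if "!" + name in PSL_RULES:
            # Exception rules win outright; the suffix drops the leftmost label.
            return ".".join(candidate[1:])
        wildcard = ".".join(["*"] + candidate[1:])
        matched = name in PSL_RULES or wildcard in PSL_RULES
        if matched and len(candidate) > len(best):
            best = candidate
    return ".".join(best)


def cookie_scope(request_host: str, domain_attr: str) -> str:
    """Classify a Set-Cookie Domain attribute: 'domain', 'host-only' or 'rejected'."""
    host = request_host.lower().strip(".")
    domain = domain_attr.lower().strip(".")
    if not domain:
        return "host-only"  # no Domain attribute at all
    # RFC 6265 domain-match: the host must equal the domain or be a subdomain.
    if host != domain and not host.endswith("." + domain):
        return "rejected"
    # Supercookie check: a Domain that is itself a public suffix is never
    # honoured as a domain cookie (RFC 6265, section 5.3, step 5).
    if public_suffix(domain) == domain:
        return "host-only" if host == domain else "rejected"
    return "domain"


if __name__ == "__main__":
    # Constructed sample requests: (request host, Domain attribute).
    for host, dom in [("shop.example.com", ".com"),
                      ("shop.example.co.uk", "co.uk"),
                      ("shop.example.co.uk", "example.co.uk"),
                      ("a.bar.ck", "bar.ck"),
                      ("www.ck", "www.ck")]:
        print(f"{host!r:24} Domain={dom!r:18} -> {cookie_scope(host, dom)}")
```

A client whose rule set lacks an entry such as <code>co.uk</code> would classify the second sample as a domain cookie, which is the stale-list exposure the paragraph above describes.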