GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → nccgroup → Setcookieanalysisinbrowsers

nccgroup / Setcookieanalysisinbrowsers

Licence: agpl-3.0
SetCookie Analysis in Browser Research Results

Labels

css

Set Cookie Analysis in Browsers

License

Released under AGPL (see LICENSE for more information).

Description

For more information see the following blog post:

https://www.nccgroup.com/en/blog/2015/01/analysis-of-setting-cookies-for-third-party-websites-in-different-browsers/

Usage

The "victim_site" directory should be copied on a server that supports ASPX (unless cookiemanager.aspx has been rewritten in PHP). This URL should be set inside the "testcase_runner.html" file in the "target_url" variable.

Other files can be deployed on a server which supports PHP or ASPX. If the server uses PHP, the following line needs to be used in the "modifyTestcaseContent" function:

result = result.replace(/%%REDIRECTPAGE%%/g,'redirect.php');

The domain that contains the "victim_site" directory should be different than the domain which contains other files otherwise this cookie test can be pointless.

As an example, this can be set-up on a local Windows server with IIS. When victim.com and attacker.com are two local DNS names:

Example

http://0me.me/demo/cookie-test/testcase_runner.html

This page sends its requests to the sdl.me server (an IIS server).

Project Page

https://github.com/nccgroup/SetCookieAnalysisInBrowsers

Author

Soroush Dalili (@irsdl) from NCC Group

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].