Je hebt een klacht over de onderstaande posting:
NoScript heeft Automatic Secure Cookie Management :) Q: What can NoScript do against HTTPS cookie hijacking? A: HTTPS cookie hijacking happens when a site sets sensitive cookies (e.g. those identifying authenticated sessions) over HTTPS connections but "forgets" to flag them as "Secure". This means that subsequent unencrypted (non-HTTPS) requests for the same site will leak the session cookies away, even if you logged in securely. NoScript provides means to mitigate this issue, configurable in NoScript Options|Advanced|HTTPS|Cookies. If Enable Automatic Secure Cookies Management is checked, NoScript will try to "patch" insecure cookies set by HTTPS sites on the fly: 1. If the site matches the "Ignore unsafe cookies..." pattern list, NoScript lets its cookies pass through untouched 2. If the site matches the "Force encryption for all the cookies..." pattern list, NoScript appends a ";Secure" flag to every non-secure cookie set by this response 3. Otherwise, NoScript just logs unsafe ...
Beschrijf je klacht (Optioneel):