Technically, all cookies are created on the client, as they are sent as
headers in the request to the server. The way it is supposed to work is
that the browser returns cookies that are set as a result of the server
sending a set-cookie header, but you should always assume that cookies
represent input from the user which may be hostile.
Re: Attempt to de-mystify AJAX ... >> poster said "I don't want to hodl tons of data in a hidden frame,... I never use cookies so a user ... How do you "break" the session key?... > as needed back to the server.... (comp.databases.pick)
Re: Attempt to de-mystify AJAX ... "Hyperlinks" always open a new browser window.... What I meant is that the server, from its state tables, can easily determine ... >>> around cookies and JS, but it seems to be tough. ... >>> 1) use cookies to maintain the session key and hope that the expiration ... (comp.databases.pick)
Re: NotificationSampleWebDav-Monitor OWA Inbox ... when you send your authentication cookies along a request in the ... the response should also contain new cookies.... Can you guide me how can I update the cookie with new response.... Warning: Exiting Action with an exception: The remote server returned... (microsoft.public.exchange.applications)
Re: PHP/MySQL oldies ... > secure when you leave it lying around in a PHP file on your web server?...safe mode is always enabled, ... is using cookies... (uk.net.web.authoring)
Re: Cross-domain cookie updating ? ... It's not strictly a PHP question, but something that PHP guys would know the answer to. ... Let's say we have a HTML page from domain example.com, and that HTML page makes a request to example.com to return a JavaScript file. ... If the file being returned has updated cookie information in the response header, then I imagine the cookies for example.com get updated. ... What if the JS file it's requesting is actually to a different unrelated domain server that's going to return a JavaScript file with updated cookies in the response header. ... (comp.lang.php)
