100
you are viewing a single comment's thread
view the rest of the comments

that's really concerning because it bypasses a browser password manager security measure. Since the domain is the same but the server ip and the server's https certificate chain is different, a poorly written password manager may auto-login or automatically send cookies to a website owned by a completely different entity on the same domain name. Big security flaw in domain name trust?

this post was submitted on 12 Jul 2023
100 points (99.0% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54716 readers
201 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS