Re: Sensitive session cookies on error are exposed by the parser

2022-01-12 Thread Christopher Schultz
Joscha, On 1/11/22 09:50, Joscha Cepok wrote: But there is maybe another approach: during my research I encountered, most of the time, one of two cases: timestamp; key1=value1; key2=value2;... OR key1=value1; key2=value2;...;timestamp I didn't take a deeper look at why browsers add the timestamp to th

Re: Sensitive session cookies on error are exposed by the parser

2022-01-11 Thread Mark Thomas
On 11/01/2022 14:50, Joscha Cepok wrote: I didn't take a deeper look at why browsers add the timestamp to the cookie header, so ignoring the timestamp and logging it once seems fine for me. But in case of multiple broken cookies, maybe all malformed content of the header should be logged on INFO an

Re: Sensitive session cookies on error are exposed by the parser

2022-01-11 Thread Joscha Cepok
Hi Mark, On 10.01.22 at 22:50, Mark Thomas wrote: On 07/01/2022 15:02, Christopher Schultz wrote: Our only official feedback on your publication is that we do not consider it a security vulnerability that warrants a CVE, coordinated disclosure, etc. We would be happy to have you raise this is