Loading...
This site is best viewed in a modern browser with JavaScript enabled.
Something went wrong while trying to load the full version of this site. Try hard-refreshing this page to fix the error.
Hijack a session despite the cookie `HTTPOnly` flag
coolman
绕过
HTTPOnly
限制劫持会话
TODO
References
https://stackoverflow.com/a/8069697
.
https://medium.com/@yassergersy/xss-to-session-hijack-6039e11e6a81
.
https://blog.codinghorror.com/protecting-your-cookies-httponly/
.