Well, ravenclans.com and ravenforums.com are both on the same host and using the same main directories, yet each has their own directory to work with. Thus this doesn?t make a security breach for me. Example: Main directory: /home/content/d/g/t/dgtnt/html/rgn_main/ Ravenforums.com: /home/content/d/g/t/dgtnt/html/rgn_main/board Ravenclans.com: /home/content/d/g/t/dgtnt/html/rgn_main/clans The downside is that coockies are only limited to ravengames.com and ravenforums.com and still, all 3 domains are using the same engine to work with. This is the reason why I want to fool the coockie with RewriteEngine Regards. De Gang Thierry --- Email: de.gang.t@xxxxxxxxxx Msn: euthanasia@xxxxxxxxxx Mobile: (0032) 0 498/33.51.59 Phone: (0032) 0 2/751.04.58 Website: http://www.dgtnt.be Proud =[BBT]='r: http://www.bigbadteam.com http://www.RavenGames.com - Your hub for all Raven Software games --- Privacy Note: This is a private email adress for personal use. Any abuse of this email- adress will be reported with a full report to your ISP. Just think and be smart and only use it when needed. --- > -----Oorspronkelijk bericht----- > Van: André Warnier [mailto:aw@xxxxxxxxxx] > Verzonden: donderdag 13 augustus 2009 18:41 > Aan: users@xxxxxxxxxxxxxxxx > Onderwerp: Re: How to fool a coockie with RewriteEngine > > De Gang Thierry wrote: > > Hi all, > > > > > > > > Is there a way in RewriteEngine to a fool a coockie to read the > contents of > > another domain whilst you're on another. > > > etc.. > > I have not really considered the details of what you want to do, but in > the principle I would say it cannot be done, for security reasons. > If one site could set a cookie for any other site, then the site > www.very-bad-guys.com could set a cookie that the browser would send > later to the site www.all-angels.com, with whatever consequences. > > However, two websites member of the same upper-level domain can set > cookies valid for both, such as if one site is www.company.com and the > other is anotherserver.company.com, they they both can set a cookie for > ".company.com", and the browser would send this cookie along with any > request to any one of the two sites. > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server > Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|