Am 28.12.2012 20:06, schrieb Robert Moskowitz:
Harald,
I am beginning to see what you are doing; through some foggy glasses. Still need to read more, and today was not a reading day. I am struggling to understand the attack space.
How can the user submit their cookie over an non-ssl connection when the server redirects everything to https? The only senario I have come up with is with the login screen in front of them, the user changes the method to http, enters in their data and sends?
because the browser sends cookies with the HTTP-HEADER at the first connect the redirect from the server is also a header of the RESPONSE at this time the cookie was already sent unencrypted