Tag Archives: cookies

Visitor Tracking Without Cookies (or How To Abuse HTTP 301s)

Written April 24th, 2012
Tags: , , , , , , ,
27 comments
British Telecom's implementation of the new cookie laws. Curiously, if you visit their site using the Opera web browser, it assumes that you've given consent, even if you click the button to not do so.

A technique for abusing HTTP 301 redirects and random numbers to uniquely track users; even those who have cookies disabled in their web browsers. Continue reading

Leading By Example

Written May 15th, 2011
Tags: , , , , , , , ,
1 Comment »
web_browser_cookie

After getting thoroughly confused by the new European Union directives on the use of cookies, which come into force later this month, Dan goes to the Information Commissioner’s website to look for some guidance… only to discover that they don’t meet the new requirements, either. Continue reading

HttpOnly Session Cookies using ActiveRecordStore in Rails 2.2

Written December 29th, 2008
Tags: , , , ,
1 Comment »

If you’re using CookieStore to manage sessions in your Ruby on Rails application, Rails 2.2 provides the great feature that you’re now able to use HTTPOnly cookies. These are a great benefit because, for compatible web browsers, they dramatically reduce the risk of a Cross… Continue reading