Comment 69 for bug 44062

In , Jo-hermans (jo-hermans) wrote :

(In reply to comment #68)
> foo.co.uk could set cookies in the .co.uk. domain if wanted, and bar.co.uk.
> could read those, but only a fool developer at foo.co.uk would expect his
> cookies to be safe at that level. Then also all of his subdomains would be able
> to read and set cookies. I believe this would solve the problems brought up by
> this issue.
>

This is what this bug is all about. foo.co.uk should NOT be allowed to set cookies in the co.uk domain. Ever.
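
The rule argued for in this comment can be written as a Domain-attribute check, shown here as an added example that is not part of the original comment and is not any browser's code. It follows the RFC 6265 domain-match and public-suffix steps; the three-entry suffix set, the function names, and the choice to strip a trailing dot before comparing are assumptions of the example.

```javascript
// Constructed stand-in for a public suffix list (assumption: a real client
// loads the full list instead of hard-coding a few entries).
const PUBLIC_SUFFIXES = new Set(["uk", "co.uk", "com"]);

// Lower-case the name, drop one leading dot (ignored by RFC 6265) and one
// trailing dot, so "co.uk", ".co.uk" and ".co.uk." compare as the same name.
function normalize(name) {
  return name.toLowerCase().replace(/^\./, "").replace(/\.$/, "");
}

// RFC 6265 domain-match for host names (IP-address hosts are not handled here).
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// May a response from requestHost set a cookie with this Domain attribute?
function checkCookieDomain(requestHost, domainAttr) {
  const host = normalize(requestHost);
  const domain = normalize(domainAttr);
  if (domain === "") {
    return { accepted: false, hostOnly: false, reason: "empty domain" };
  }
  if (!domainMatches(host, domain)) {
    return { accepted: false, hostOnly: false, reason: "host does not domain-match" };
  }
  if (PUBLIC_SUFFIXES.has(domain)) {
    // A host that is itself a public suffix may keep a host-only cookie;
    // any other host asking for the suffix is refused outright.
    return host === domain
      ? { accepted: true, hostOnly: true, reason: "public suffix, stored host-only" }
      : { accepted: false, hostOnly: false, reason: "domain is a public suffix" };
  }
  return { accepted: true, hostOnly: false, reason: "ok" };
}

// Constructed cases: [request host, Domain attribute].
const cases = [
  ["foo.co.uk", ".co.uk"],
  ["foo.co.uk", ".co.uk."],
  ["www.foo.co.uk", "foo.co.uk"],
  ["foo.co.uk", "bar.co.uk"],
];
for (const [host, attr] of cases) {
  const r = checkCookieDomain(host, attr);
  console.log(`${host} Domain=${attr}: ${r.accepted ? "accept" : "reject"} (${r.reason})`);
}
```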