Y
Hacker News
new
|
ask
|
show
|
jobs
by
0xfffff
2742 days ago
Correct, it doesn't. If you grab that cookie and then pass the cookie from somewhere else it will work.
Section 7.2.3 talks about cookie theft.
1 comments
kerng
2742 days ago
Yeah, as others have pointed out this RFC is from 2013 - so a bit dated.
link