Hacker News new | ask | show | jobs
by IgorPartola 568 days ago
I wonder if there is some way to DoS the tracking services by basically accepting third party cookies but then immediately discarding them so every page load generates a new cookie and presumably state stored on the other end to match it. Or are these tracking cookies typically self-contained so that no state is stored server-side?
2 comments
tliltocatl 568 days ago
Given that web industry uses no-server-state for *authentication* (with all the issues it implies), i would expect tracking also be no-server-state.
link
rixed 568 days ago
Isn't that the reason cookies were invented in the first place? To keep servers stateless?
link
afiori 568 days ago
If the server can recognize you then it is not stateless, cookies make http stateless
link