|
|
|
|
|
|
by kragen
273 days ago
|
|
|
From my point of view, a possible compromise of their news site CMS sees like a much less serious threat than phishing, so this seems like a bad tradeoff. If you're worried that cookie scoping will get broken, maybe you could have the news site CMS raise an alert if it sees PayPal-session-token cookie names. |
|
|