Y
Hacker News
new
|
ask
|
show
|
jobs
by
genericacct
4596 days ago
have you heard of the HttpOnly attribute for cookies?
1 comments
araskoktas
4596 days ago
good, send HttpOnly cookies and solve that problem. window.location.href='
http://www.redt*be.com
'; -- if you think evaluating JS code, as-is passed by the client is a good idea go ahead.
link
genericacct
4596 days ago
I most definitely will. and if my users want to browse your favorite porn site i don't see why i shouldn't let them..
link