|
|
|
|
|
|
by rythie
4566 days ago
|
|
|
I think you just need one HTTPS only cookie (Amazon seems to have two) and just check that one (in addition to the others) at purchase time, since that one can't be stolen. However, the sign in button is served from a insecure page, so a ISP could MITM that and get your password anyway. |
|
|