Internet
Security
Seminar

Spring 2020
course
site

March 12

Let's see what you have for flask mini projects ...

Your PHP work suggests that the connections and data flow between html pages, forms, handlers, cookies, sessions, and databases isn't clear to most of you yet.

We should use the firefox dev tools (or something similar) to make sure you all see what gets stored where, and when and how that happens. Flask does some of this for you ... but you still need to understand what's going on.


Next steps :

  1. Can we type something into your web pages (or other people's web pages) that contains code (js, html, sql, ...) that escapes from the its "favorite color" box?

  2. Take a deeper look at how cookies, ads, and 3rd-party privacy issues all works.

Readings!

First, the basics of web servers and what they're doing :

Second, google and read about cookies, tracking, add blockers, and all that. A few places to read are :

What is

Dig in and find a specific example of a tracking cookie, using whatever browser and developer tools you like. Something like "when I visit bigstore.com, in addition to its big_store_cookie it loads adds from trackercompany.com and sets tracker_cookie". Find the specific sites and cookies involved. How could (a) a browser add-on AdBlocker or (b) a home router DNS sinkhole change this behavior?

related

https://cs.marlboro.college /cours /spring2020 /internet /notes /mar12
last modified Tue December 3 2024 5:21 pm