How and Why cookie stuffing works
( h2 R# U# Z3 U
) {7 H1 L0 X g3 sCookie stuffing,depending on the method used,works in different ways.The ultimate goal however is to get that darned affiliate cookie onto someones computer.( _5 q4 x: a3 U! \* m8 D
, ~9 J4 _- k( @( ~& x* UCookies are passed in whats called a header.A web page doesn't have to be rendered for a header to be passed.Because of this,methods like image stuffing exist.The browser of your victim thinks is getting an image,but instead it gets a header with instructions to place a cookie on the computer.: t# q" J Q; m
+ d0 Z0 p2 M" Y! X, Y5 CIn other methods of stuffing,you are actually opening up your affiliate url in a new window or in a frame.Because the url is actually opened,a cookie is placed.Not only is the header processed for cookie placement,the html is also rendered by the browser.In most cases,this is visually detectable by the user.Like in the case of javascript,a pop up window is used to display your affiliate url.Talk about annoying.
2 ~7 u3 q# P2 J2 Q, T! I C+ b( H% {! J, ], ?# `8 p, G; N
There are other methods you can use like a 1 pixel iframe.This is less detectable visually,but very easy to spot if someone went digging through the source for it.& U' T! [. V( T) G, C7 o' J# C! S
' j) q+ t- X3 a4 h( Y) V# F1 y; r. D. HSummary: a cookie is passed via a http header.A browser will not ignore a cookie header unless its security settings are instructed to do so.When the browser asks a server for an image and is returned with a webpage,a header is sent before the webpage.The browser aknowledges the header,and disregards the rest of the content.Thus a cookie is placed. |
|
發表於 2008-11-13 19:35:24
提升卡
沉默卡
变色卡