This repository has been archived by the owner on Sep 19, 2020. It is now read-only.
blocked cookies can be accessed through JavaScript and sent to a server #238
Labels
duplicate
This issue or pull request already exists
Prerequisites
Description
Blocked cookies can be accessed through JavaScript. If cookies are blocked, they should not be accessible by websites. The ability to block cookies sent to a server can be bypassed if the website is sending cookies through AJAX.
I noticed this problem when visiting the website
https://www.jeanlouisdavid.com/
which only displayed a coronavirus popup notifier the first time you visit the website. After reloading the website, the popup was not displayed anymore because the website was able to read the cookie through JavaScript.Related: gorhill/uMatrix#855
Steps to Reproduce
https://www.w3schools.com/js/js_cookies.asp
Ruleset
Supporting evidence
https://www.w3schools.com/js/js_cookies.asp
Your environment
The text was updated successfully, but these errors were encountered: