authority's userinfo?

Thomas Karpiniec tkarpiniec at icloud.com
Thu Jun 11 00:54:29 BST 2020

Previous message (by thread): authority's userinfo?
Next message (by thread): authority's userinfo?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 11, 2020 at 01:34:12AM +0200, Petite Abeille wrote:
> Actually, it could be used to fingerprint gemini clients automatically:
> 
> C: gemini://mozz.us/  
> S: 30 gemini://cookie@mozz.us/ 
> C: gemini://cookie@mozz.us/
> S: 20 text/gemini 
> => gemini://cookie@mozz.us/beer/
> 
> A magic cookie!

This is possible regardless using query strings, or even more
obnoxiously, dynamic paths/links. At the end of the day all you can do
is call out dodgy behaviour, and if site owners tried it anyway,
attempt to make this sort of thing visible to client users.

Cheers, Tom

Previous message (by thread): authority's userinfo?
Next message (by thread): authority's userinfo?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list