Log in

No account? Create an account

Remember me

By logging in to LiveJournal using a third-party service you accept LiveJournal's User agreement

: Brad Fitzpatrick (bradfitz) wrote in lj_dev,
2002-11-12 15:22:00

Brad Fitzpatrick
bradfitz
lj_dev
2002-11-12 15:22:00

Safer Cookies

Microsoft recently added a feature to IE6 SP1 whereby cookies can be flagged with an "HttpOnly" attribute which disables their availability to client-side scripts.

I made the LiveJournal "ljsession" cookie set that attribute.

If you use IE6 SP1 (go get it from Windows Update if you use a different IE), then logout, and log back in to get the more secure cookie.

There's an RFE to get this added to Mozilla also:
http://bugzilla.mozilla.org/show_bug.cgi?id=178993

Go vote for it if you have a Bugzilla account.

"Invalid password" when calling login method over XML-RPC

A week or two ago my LJBackup client started being unable to login - I didn't change anything (I think!), but now I always get an "Invalid password"…
cl-journal livejournal client

Hey everyone, I'd like to present a livejournal client that I wrote to fulfill my needs but maybe there are other people that can find it…
SessionGenerate and ljloggedin

Are there any information after release 86 and changes in cookies scheme to use sessiongenerate? It returns ljsession key, but this key is not enough…

Post a new comment
2 comments

Log in

Safer Cookies

"Invalid password" when calling login method over XML-RPC

cl-journal livejournal client

SessionGenerate and ljloggedin

Error