X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/chopwood/blobdiff_plain/138df99f6815e9fdf9b63566bf1ae9e05dc945c6..dd650029f6d572194a7d9a035f9e55195b64d64c:/cookies.fhtml
diff --git a/cookies.fhtml b/cookies.fhtml
index f8862b3..121b2e4 100644
--- a/cookies.fhtml
+++ b/cookies.fhtml
@@ -49,8 +49,8 @@ is kind of long and ugly.
that causes other trouble. In particular, you’d get that annoying
The page that you’re looking for used information that you
- entered. Returning to hat page might cause any action that you took to be
- repeated.
+ entered. Returning to that page might cause any action that you took
+ to be repeated.
message whenever you hit the reload button.
@@ -59,24 +59,17 @@ message whenever you hit the reload button.
If you actually look at the cookie, you find that it looks something like
this:
- 1357322139.HFsD16dOh1jjdhXdO%24gkjQ.eBcBNYFhi6sKpGuahfr7yQDzqOJuYZZexJbVug9ultU.mdw
+ 1357322139.eBcBNYFhi6sKpGuahfr7yQDzqOJuYZZexJbVug9ultU.mdw
-(Did I say something about long and ugly?) It consists of four pieces
+(Did I say something about long and ugly?) It consists of three pieces
separated by dots ‘.’.
- Datestamp
- The time at which the cookie was issued, as a simple count of (non-leap)
-seconds since 1974–01–01 00:00:00 UTC (or what would have been
+seconds since 1970–01–01 00:00:00 UTC (or what would have been
that if UTC had existed back then in its current form).
-
- Nonce
-
- This is just a random string. When you change a password, the server
-checks that the request includes a copy of this nonce, as a protection
-against
-cross-site
-request forgery attacks.
-
- Tag
- This is a cryptographic check that the other parts of the token
haven’t been modfied by an attacker.
@@ -91,7 +84,7 @@ behavioural advertising scheme?
That’s tricky. I could tell you that this program is
free software, and
that you can
-">download its
+download its
source code and check for yourself.
That’s true, except that it shouldn’t do much to convince