6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Reading cookies from other Domains\",\"text\":\"

I have heard of people being able to access other sites cookies using XSS. Is this is a legitimate option and how do you achieve this?

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Vu Nguyen\"},\"upvoteCount\":2,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

It's not a legitimate option, and will probably get you flagged as malware.

\\n\\n

If you're trying to do something useful (i.e. non-evil), there's probably a legitimate way of doing it.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"egrunin\"},\"upvoteCount\":5}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","cookies",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/cookies/1","children":"cookies"}]}],["$","span","xss",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/xss/1","children":"xss"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/0b21adef3e53d41b3778ccf193519a09?s=256&d=identicon&r=PG","alt":"Vu Nguyen","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/483631/vu-nguyen","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Vu Nguyen"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",543]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Reading cookies from other Domains"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

I have heard of people being able to access other sites cookies using XSS. Is this is a legitimate option and how do you achieve this?

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",2]}],["$","p",null,{"children":["Views: ",428]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","4045837",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/17615340473b0c457a12366808763dfe?s=256&d=identicon&r=PG","alt":"fizban","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/222372/fizban","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"fizban"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",597]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

It's definitely not a legitimate option. It's considered a security hole anywhere it exists, and if you rely on it in your application, it will fail when those holes are fixed.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",2]}]}]]}],["$","div","4045823",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/9b001cdbbc7253c67d888bf27c959acc?s=256&d=identicon&r=PG","alt":"egrunin","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/147463/egrunin","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"egrunin"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",25063]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

It's not a legitimate option, and will probably get you flagged as malware.

\n\n

If you're trying to do something useful (i.e. non-evil), there's probably a legitimate way of doing it.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",5]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","36318866",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/36318866","className":"text-blue-600 hover:underline","children":"Reading a cookie from a different domain"}]}],["$","li","1688941",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/1688941","className":"text-blue-600 hover:underline","children":"Reading Javascript Cookies from a subdomain"}]}],["$","li","62548260",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/62548260","className":"text-blue-600 hover:underline","children":"Access other site cookies using CORS"}]}],["$","li","37249095",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/37249095","className":"text-blue-600 hover:underline","children":"How to load cookies from another domain"}]}],["$","li","2919968",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2919968","className":"text-blue-600 hover:underline","children":"PHP read a cookie that is on another domain"}]}],["$","li","13673156",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/13673156","className":"text-blue-600 hover:underline","children":"Third party cookie - read from other domain"}]}],["$","li","28214341",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/28214341","className":"text-blue-600 hover:underline","children":"Reading other website cookie which is not in our control"}]}],["$","li","25987888",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/25987888","className":"text-blue-600 hover:underline","children":"Getting cookies from different domains of same company's sites"}]}],["$","li","20795554",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/20795554","className":"text-blue-600 hover:underline","children":"Accessing Cookies of Other Domains using JavaScript/Java"}]}],["$","li","2955183",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2955183","className":"text-blue-600 hover:underline","children":"Reading Cookie from a different domain?"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Reading cookies from other Domains

Answers (2)

Related Questions