--- Marco Tabini <[EMAIL PROTECTED]> wrote:
However, we do not share the contents of our cookies with any third party, under any circumstances.
I'm no lawyer, but that seems like a risky statement. There are many circumstances that can cause the contents of the cookies you set to be disclosed to third parties. It seems like the definition of "sharing" would come under scrutiny in these situations, which doesn't seem like much defense to me.
Well "sharing" implies a will to disclose--so if we unvoluntarily disclose information we don't "share" it with anyone.
I suppose you're safe as long as you don't willingly or intentionally share this information yourself, but browser vulnerabilities (such as those found in IE 4.0, 5.0, 5.5, and 6.0) can allow anyone to view the contents of any cookie.
But if the browser causes the information to leak, we did not share (or disclose) it--the user did, through action or inaction (e.g.: not patching his or her browser).
Your bank won't share your money with anybody else, but if you take the money out and someone robs you outside the branch, they're not going to refund you...
Cheers,
Marco
I doubt I'm telling you anything you don't know, but maybe I'm saying something that someone doesn't know. :-)
Chris
===== My Blog http://shiflett.org/ HTTP Developer's Handbook http://httphandbook.org/ RAMP Training Courses http://www.nyphp.org/ramp
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php