{"image_url":null,"url":"https://inaz2.hatenablog.com/entry/2015/10/01/225202","blog_url":"https://inaz2.hatenablog.com/","categories":["Web"],"height":"190","title":"Cookie Injection\u306b\u3088\u308bHTTPS\u30cf\u30a4\u30b8\u30e3\u30c3\u30af\u306b\u3064\u3044\u3066\u8abf\u3079\u3066\u307f\u308b","width":"100%","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Finaz2.hatenablog.com%2Fentry%2F2015%2F10%2F01%2F225202\" title=\"Cookie Injection\u306b\u3088\u308bHTTPS\u30cf\u30a4\u30b8\u30e3\u30c3\u30af\u306b\u3064\u3044\u3066\u8abf\u3079\u3066\u307f\u308b - \u3082\u3082\u3044\u308d\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","provider_url":"https://hatena.blog","published":"2015-10-01 22:52:02","blog_title":"\u3082\u3082\u3044\u308d\u30c6\u30af\u30ce\u30ed\u30b8\u30fc","author_url":"https://blog.hatena.ne.jp/inaz2/","version":"1.0","author_name":"inaz2","description":"\u4e2d\u9593\u8005\u653b\u6483\u306e\u3082\u3068\u3067\u306eCookie Injection\u306b\u3088\u308bHTTPS\u306e\u76d7\u8074\u30fb\u30cf\u30a4\u30b8\u30e3\u30c3\u30af\u306b\u3064\u3044\u3066\u3001\u6b21\u306e\u3088\u3046\u306a\u30a2\u30ca\u30a6\u30f3\u30b9\u304c\u51fa\u3066\u3044\u308b\u3002 Vulnerability Note VU#804060 - Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information JVNVU#92999848: HTTP \u30ea\u30af\u30a8\u30b9\u30c8\u7d4c\u7531\u3067\u8a2d\u5b9a\u3055\u308c\u305f Cookie \u306b\u3088\u3063\u3066 HTTPS \u63a5\u7d9a\u304c\u30d0\u30a4\u30d1\u30b9\u3055\u308c\u305f\u308a\u60c5\u5831\u6f0f\u3048\u3044\u304c\u767a\u751f\u3059\u308b\u554f\u984c \u3053\u3053\u3067\u306f\u3001\u30a2\u30ca\u30a6\u30f3\u30b9\u3067\u53c2\u7167\u3055\u308c\u3066\u3044\u308b\u8ad6\u6587\u306e\u5185\u5bb9\u3092\u7c21\u5358\u306b\u307e\u3068\u3081\u3066\u307f\u308b\u3002 Co\u2026","provider_name":"Hatena Blog","type":"rich"}