NoScript mitigates HTTPS cookie hijacking attacks

September 11, 2008 – 8:34 AM

The invaluable NoScript for Firefox plug-in just got a tad better.

According to Giorgio Maone, the developer behind the popular browser extension, a new experimental feature called “Forced Secure Cookies” has been added to NoScript v1.8.0.5 to mitigate the HTTPS cookie hijacking attack vector discussed at DEFCON 16 last month.


You must be logged in to post a comment.