[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NYTimes web cookies
[email protected] (Anonymous) writes:
> [email protected] (Matthew Ghio) wrote:
>
> > It doesn't check the PW or ID at all except the first time you log in.
> > After that it generates a new cookie titled NPLCNYT and that is the only
> > cookie it checks; the PW and ID are not required to be there at all.
> > If you delete the NPLCNYT cookie, it will check the PW/ID and generate
> > a new one. An example cookie is below:
> >
> > NPLCNYT=AAAALw>AAAAAX9IUUWiPhfALqHZuSh2mUM0yzNOwGRReAAAAAsAAAAAY3lwaGVycHVu
>
> I put this wafer in my junkbuster-configfile and disabled all other cookies,
> and NYTimes let me in without asking for a password, but after I read a few
> articles, the site started behaving strangely, where the server would seem
> to hang on certain pages, taking forever to send the html.
I played around with nytimes.com some more and I'm certain that it does check
for the presense the ID= in the cookie (but not the value).
Apparently the following 2 is necessary and sufficient:
NPLCNYT=(whatever it tried to set it to)
ID=(anything; I used ID=0 to save bandwidth)
With ID=0, it says "welcome, 0" of the first page and I see no problems.
> Interesting though. Maybe we should hold a cypherpunks 'potluck' where
> everyone trades cookies. :)
A good idea. here are more of mine:
#.reference.com
wafer [email protected]
wafer passwd=cypherpunks
(I haven't been able to register [email protected] on reference.com)
# amazon.com [email protected] cypherpunks
wafer group_discount_cookie=F
wafer session-id=1451-4798095-404463
wafer session-id-time=886320000
wafer ubid-main=3578-1328899-434066
wafer cf=c90fe571f7b5f873
By the way, junkbuster does NOT strip cookies in secure http. Be careful.
---
<a href="mailto:[email protected]">Dr.Dimitri Vulis KOTM</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps