How does VK identify users?

L

LinuxGod2020-05-04 20:12:51

Browsers

LinuxGod, 2020-05-04 20:12:51

Greetings colleagues, I came across such an interesting moment:
the web version of VK can identify a user without cookies, tokens and other things.
How is it done?
What has been implemented?
With what protocols?
Everyone can make sure of this - just take it to open the developer tool (F12), go to the Aplication tab and click on ClearData - refresh the page, why and how does VK not log out of your account?
Are cookies and tokens literally regenerated?
What funds are involved?
I would be extremely grateful for any information on this!
Thank you for your attention!

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

1

15432, 2020-05-04
@LinuxGod

I did as you indicated (Clear Data), refreshed the page - indeed, I remained logged in.
I went into the Chrome settings, looked at Cookies and data for the site - there were saved data in the "Local Storage", deleted them - logged out.
I logged in again, clicked Clear Data - now it's logged out right away.
Probably, VK stores something on the disk, and this data is not deleted by the developer's tools.

D

Dimonchik, 2020-05-04
@dimonchik2013

Well, I would study and tell the public
I would start with incognito mode, for example,
close all windows, open
and finish,
but the fact that someone, somewhere, somehow works in some browser ... whoever needs it - will study