K
K
Kirill Novak2021-09-28 01:08:15
Computer networks
Kirill Novak, 2021-09-28 01:08:15

How does VKontakte determine that I have changed the browser, despite the fact that the browser is absolutely identical when importing cookies?

Hello comrades. Faced such a problem, I can not understand what I missed and why this is happening.
The essence of the problem is that if you transfer VKontakte cookies from one browser (the same one) with VPN to another browser, without VPN, incognito, then in that browser without VPN, cookies will not work and will not authorize me when reloading the page.

But at the same time, if you disconnect from the VPN in the left browser, everything will be fine, after the reboot the session will not expire.
If it was a matter of changing the IP, then I would lose the session when connecting to the VPN, but this does not happen.
I want to note that JavaScript is disabled in both browsers, so it does not affect the situation in any way.
By "browsers are identical" I mean that FingerPrintJS gives me the same FP on the left and right.

I suspect that this works somehow at the network level, connections, but I don’t know how, so I asked here.
I tried after connecting to the VPN in the left browser, exporting cookies and closing this browser (to cut off all connections), then transferring to the right browser, but the result was identical.

I tested the same algorithm on other sites, there were no problems there. Cookies worked on any connection, under any IP and in any browser.

I recorded a video where I reproduce my problem step by step. https://drive.google.com/file/d/1p6pQkugzx35SPQiwa...

Answer the question

In order to leave comments, you need to log in

3 answer(s)
K
Kirill Novak, 2021-09-29
@kinojs

It's very funny, but it's true :) The issue is resolved, I didn't see how I felt.
There are no network moments, VKontakte installs additional 3 cookies on the login.vk.com domain during authorization, and when the IP changes, it looks at these cookies through a redirect. Import and export of the plugin worked only for the m.vk.com domain, for the current tab. Therefore, authorization did not work, because for VK it looked as if the user had not even entered the site.
That is, the export still had to be done separately on the tab with the login.vk.com domain, then everything works fine.

V
Vindicar, 2021-09-28
@Vindicar

In addition to cookies, there is also localstorage, and other browser fingerprinting methods .

C
Crazypill, 2021-09-28
@Crazypill

The answer is in your question. What is different when you are not connecting directly, but through a VPN? That's right, your IP address that websites see. Apparently VKontakte authorizes the session not only by cookies, but also by IP.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question