Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
B
B
BatorOV2016-02-09 22:08:19
In contact with
BatorOV, 2016-02-09 22:08:19

Why does vk use a login redirect?

The initial request is made to login.vk.com, then, as I understand it, it is redirected to vk.com. So why is this being done?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
Y
Yuri, 2016-02-09
@BatorOV

Probably another layer of security. there they put cookies purely on the login.vk subdomain for a year + HttpOnly.
on the main domain, cookies are set on all subdomains (and without HttpOnly), which is less secure in the case of xss.
that is, reliable cookies are stored on this subdomain, which cannot be stolen through xss. and these cookies do not fly with all requests, and it will be more difficult to hijack someone else's session.

Similar questions
K
krlljs2014-11-20 22:43:43
How to set up automatic export of posts from instagram to the public page of vkontakte? 4Reply
E
egorlisss2019-04-18 09:36:49
How to send a picture along with a message? 1Reply
T
TAnonim2016-11-21 20:17:37
How to get all chats of a VK user? 1Reply
A
Alexander-K2014-11-24 19:31:27
How to intercept a user session in the official Vkontakte app for iOS, Android? 2Reply
O
officialprobeo2019-04-18 20:02:52
How to get complete information about the conversation through the community? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question