BatorOV, 2016-02-09 22:08:19

Why does VK use a login redirect?

The initial request is made to login.vk.com, then, as I understand it, it is redirected to vk.com. So why is this being done?


1 answer(s)
Yuri, 2016-02-09
@BatorOV

Probably another layer of security. There they put cookies purely on the login.vk subdomain for a year + HttpOnly.
On the main domain, cookies are set on all subdomains (and without HttpOnly), which is less secure in the case of XSS.
That is, reliable cookies are stored on this subdomain, which cannot be stolen through XSS. And these cookies are not sent with every request, and it will be more difficult to hijack someone else's session.
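
The cookie scoping described in the answer, modelled as an added example (not part of the original answer and not VK's code): it computes which cookies a browser would attach to each host and which ones page script could read. The cookie names and values are hypothetical, and the matcher is a simplified version of the RFC 6265 rules.

```javascript
// Constructed Set-Cookie headers modelling the two scopes the answer describes.
// Cookie names and values are hypothetical, not VK's real ones.
const responses = [
  { host: "login.vk.com", setCookie: "auth=A1; Max-Age=31536000; Path=/; Secure; HttpOnly" },
  { host: "vk.com", setCookie: "sid=S1; Domain=vk.com; Path=/; Secure" },
];

// Parse one Set-Cookie header into a stored cookie (simplified: no Path or expiry handling).
function parseSetCookie(originHost, header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
                   domain: originHost, hostOnly: true, httpOnly: false };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=");
    const key = k.trim().toLowerCase();
    if (key === "httponly") cookie.httpOnly = true;
    if (key === "domain" && v) {
      cookie.domain = v.trim().replace(/^\./, "").toLowerCase();
      cookie.hostOnly = false; // a Domain attribute widens the scope to all subdomains
    }
  }
  return cookie;
}

// Without a Domain attribute the cookie is host-only: an exact host match is required.
function domainMatches(cookie, host) {
  host = host.toLowerCase();
  if (cookie.hostOnly) return host === cookie.domain;
  return host === cookie.domain || host.endsWith("." + cookie.domain);
}

const jar = responses.map((r) => parseSetCookie(r.host, r.setCookie));

// Cookies the browser attaches to a request for `host`.
function sentTo(host) {
  return jar.filter((c) => domainMatches(c, host)).map((c) => c.name);
}

// Cookies visible to document.cookie on `host`, i.e. what an XSS payload there could read.
function scriptReadable(host) {
  return jar.filter((c) => domainMatches(c, host) && !c.httpOnly).map((c) => c.name);
}

for (const host of ["login.vk.com", "vk.com", "m.vk.com"]) {
  console.log(host, "sent:", sentTo(host), "script-readable:", scriptReadable(host));
}
```

The host-only `auth` cookie is attached only to requests for login.vk.com and is never script-readable, while the domain-wide `sid` cookie goes to every subdomain and is visible to script on each of them.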
