Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Page 1 of 2 1 2 LastLast
Results 1 to 10 of 16
  1. #1
    Senior Member GeZe's Avatar
    Join Date
    Dec 2003
    Posts
    330
    Member #
    4381
    Brownie - Beyond Cookie

    Well, I was bored so I decided "why not start my own open source project?" I though about what I could do then it hit me, the thing that I keep asking how to do: emulate the .NET passport (multi-site Cookie). Thus, I started he Brownie Project a couple of days ago on SourceForge.
    link.

    Project Description:
    Brownies are many things: the future of Cookies, multi-site cookies, .NET passport for everyone else. A Brownie is an xml file stored client side managed by a program in the form of a browser extension/plug-in. Brownies can be sent to multiple sites.


    Please look at the openings in the HELP WANTED section. Also, there is two peices of documintaion.
    -GeZe

  2.  

  3. #2
    Senior Member glyakk's Avatar
    Join Date
    Nov 2003
    Location
    USA
    Posts
    1,263
    Member #
    3828
    Liked
    6 times
    Sounds like an intersting idea. But I dont know how well the idea will take off since you have to install a plugin for it to work.

    And yea I agree that a brownie is MUCH better than a cookie.


  4. #3
    WDF Staff Wired's Avatar
    Join Date
    Apr 2003
    Posts
    7,657
    Member #
    1234
    Liked
    139 times
    VERY interesting idea. Question: will the "brownie" be located on a server that serves a collection of sites (i.e. a portal) or will it be hosted on a main server to serve any and all sites that validate to it? If I didn't have so much upcoming on my plate I'd lend a hand.
    The Rules
    Was another WDF member's post helpful? Click the like button below the post.

    Admin at houseofhelp.com

  5. #4
    Senior Member GeZe's Avatar
    Join Date
    Dec 2003
    Posts
    330
    Member #
    4381
    It is stored on the user machine, like a cookie. But I havn't thought about it any other way, but those ideas seems interesting. Hmmmmm, I'll think about it.
    -GeZe

  6. #5
    WDF Staff Wired's Avatar
    Join Date
    Apr 2003
    Posts
    7,657
    Member #
    1234
    Liked
    139 times
    just thinking, what would create the cookie to be multi-site? say 1 site creates it. For security, it has to put the names (or some type of auth code for them) in the cookie. Or it has an auth code, and that code is passed to multiple sites. Or there's a server somewhere that spits out auth codes for each set of sites. If multiple sites are combined in a key, then a new one is registered into the key db and replaces the old one. Unencrypted, hex code, or dual hex code (making the name up, basically 32 base) or something could keep the key size down before encryption.

    OR, eah person has a personalized cookie. When they sign up to a site and choose a name/PW, it can also ask them for their auth code for the brownie so it can modify it. Of course this risks social engineering hacks, but then again normal cookies are vulnerable to this.
    The Rules
    Was another WDF member's post helpful? Click the like button below the post.

    Admin at houseofhelp.com

  7. #6
    Senior Member GeZe's Avatar
    Join Date
    Dec 2003
    Posts
    330
    Member #
    4381
    their is an explanation about the n=multi-site thing in the documintaion section in the document named "THE DOCUMENT"

    EXERT:
    There are two states of a domain, active and pending. Once a domain is set by another domain, the domain is pending, this means the brownie doesn’t work on that domain. But once that domain activates that brownie, the status changes to active so it works now on that domain.

    You need to read the whole thing to understand though.
    -GeZe

  8. #7
    WDF Staff Wired's Avatar
    Join Date
    Apr 2003
    Posts
    7,657
    Member #
    1234
    Liked
    139 times
    I'm a bit skewed towards security Stupid question: What prevents one site from reading another's cookie: the browser's implementation of the cookie protocols, correct?
    The Rules
    Was another WDF member's post helpful? Click the like button below the post.

    Admin at houseofhelp.com

  9. #8
    Senior Member GeZe's Avatar
    Join Date
    Dec 2003
    Posts
    330
    Member #
    4381
    A Brownie can only be read by the site that has made it or a site that has been told by the site that has made it.
    -GeZe

  10. #9
    Senior Member Jasoncw's Avatar
    Join Date
    Jan 2004
    Location
    Detroit, MI, United States
    Posts
    254
    Member #
    4401
    sounds like an interesting project. I'd help but that is all way over my head, heh.
    Jason

  11. #10
    Senior Member Brak's Avatar
    Join Date
    Apr 2003
    Location
    San Francisco, CA
    Posts
    3,413
    Member #
    1217
    Liked
    2 times
    It sounds like you're going to have use a remote server somewhere in there man.

    Let's say you really want to create a .NET replacement... passwords/etc are going to have to be stored at a central location. When a user 'logs in' to a site that uses this Brownie, it's going to have to ask the remote server if the username/pw are correct, and if so give them a nice little brownie (still not sure how you're going to accomplish this).

    It's an interesting idea, but I think you better rethink the entire thing before you begin work.
    Kyle Neath: Rockstar extraordinare
    The blog | The poetry site | The Spore site


Page 1 of 2 1 2 LastLast

Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 10:15 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2020 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com