• Cosmic Cleric@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    Was that guy the owner of the wow armory? Because otherwise…

    No, he was another player/customer. See below.

    how did they get your cookie store inside your browser?

    When you pull up a character on the Armory inside of the cookie/memory information was a list of all the other characters for that same account/character. And anyone can pull up any other account characters name on the Armory.

    My guess is the list of all the character names for the account was there so if you wanted to switch between one character to another from a drop-down UI object.

    My point is developers can leak additional information assuming that users can’t see it because it’s not displayed on the UI, but if somebody goes into the developer mode on the browser they can inspect all the memory/cookie information for that web page.

    Finally, this was a long time ago, so who knows if it still works that way today or not. My point of mentioning it was as an anecdote on how additional information can leak in ways we wouldn’t suspect.