5

My application uses session cookies. Somehow this cookie is injected with tracking information for a few users:

JSESSIONID=0624EF8E3E5E7CCBDB52BAE6C44C5AFB.jvm-application; optimizelySegments=%7B%22204658328%22%3A%22false%22%2C%22204736122%22%3A%22referral%22%2C%22204775011%22%3A%22ie%22%2C%22234726171%22%3A%22none%22%7D; optimizelyEndUserId=oeu6892721299353r0.9526657112221855; optimizelyBuckets=%7B%7D

The JSESSIONID is from my application while the optimizelyXXX elements appear to originate from optimizely.com, see Optimizely FAQ.

How is this possible and what can I do? ModSecurity is complaining about possible injection. Of course I can disable this rule, but I want to understand what is happening.

2 Answers

0

document.cookie concatenates all cookies using a ';'. What you're seeing is actually 4 cookies. You can parse/access this string by writing your own function or using a third party: https://github.com/carhartl/jquery-cookie

TomFuertes
  • How does this answer help? The question was not about parsing the Cookie header, but about specific cookies. – TMG Feb 12 '16 at 12:42
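
As an added illustration (not code from either answer), this splits the Cookie header quoted in the question into its four cookies and percent-decodes each value, showing what the Optimizely values contain. The function names and the rule that names starting with `optimizely` belong to the third-party script are assumptions made for the example.

```javascript
// Sample input: the Cookie header value quoted in the question.
const header =
  'JSESSIONID=0624EF8E3E5E7CCBDB52BAE6C44C5AFB.jvm-application; ' +
  'optimizelySegments=%7B%22204658328%22%3A%22false%22%2C%22204736122%22%3A%22referral%22' +
  '%2C%22204775011%22%3A%22ie%22%2C%22234726171%22%3A%22none%22%7D; ' +
  'optimizelyEndUserId=oeu6892721299353r0.9526657112221855; optimizelyBuckets=%7B%7D';

// Split a Cookie header (or document.cookie string) into name/value pairs.
function parseCookies(str) {
  const cookies = [];
  for (const part of str.split(';')) {
    const pair = part.trim();
    if (!pair) continue;                       // skip empty segments
    const eq = pair.indexOf('=');              // only the first '=' separates name and value
    const name = eq === -1 ? pair : pair.slice(0, eq);
    const raw = eq === -1 ? '' : pair.slice(eq + 1);
    let value = raw;
    try { value = decodeURIComponent(raw); } catch (e) { /* malformed escape: keep raw */ }
    cookies.push({ name, raw, value });
  }
  return cookies;
}

// Return the parsed object if the decoded value is JSON, otherwise null.
function tryJson(value) {
  if (!value.startsWith('{') && !value.startsWith('[')) return null;
  try { return JSON.parse(value); } catch (e) { return null; }
}

// Label each cookie by who set it. Assumption for this example: the application
// sets only the names in firstParty, and "optimizely*" names come from the script.
function triage(str, firstParty = ['JSESSIONID']) {
  return parseCookies(str).map((c) => ({
    name: c.name,
    value: c.value,
    json: tryJson(c.value),
    origin: firstParty.includes(c.name) ? 'application'
      : c.name.startsWith('optimizely') ? 'optimizely script'
      : 'unknown',
  }));
}

for (const c of triage(header)) {
  console.log(`${c.origin.padEnd(18)} ${c.name} = ${c.value}`);
}
```

Only `JSESSIONID` is labelled as the application's own cookie; the other three are separate cookies sent in the same header, two of which decode to JSON objects.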
0

I presume the cookie comes from some JavaScript originating on your site. To stop this cookie from appearing you must stop the offending JavaScript from loading/running. To do this, you can disable serving ads on your web page or not allow publishers which follow these kinds of practices.

Spikolynn