Does it make sense to stuff cookies on different sites to emulate a real person?

Last modified:


It does not make sense to fill cookies by randomly visiting different websites for two reasons:

1) On all large resources, cookies have the http-only checkbox, which means that cookies can only be received in an http request and cannot be received in a javascript request. Accordingly, your cookies cannot be received by other resources.

2) If large services, for example Google or Amazon, tried to get your cookies received from other resources - this would be a pure XSS attack, for which services using it would at best receive multibillion-dollar fines. Therefore, no one will do so.


This article was helpful for 90 people. Is this article helpful for you?