티스토리

솔직한 목소리

검색하기

웹사이트에 구워진 전체 쿠키보기

Security/Web

웹사이트에 구워진 전체 쿠키보기

bslime 2008. 5. 31. 15:57

script language="javascript";

// 쿠키 읽기
function GetCookie(name){
    var arg = name + "=";
    var alen = arg.length;
    var clen = document.cookie.length;
    var i = 0;

while(i < clen){
        var j = i + alen;
        if(document.cookie.substring(i, j) == arg)
        return getCookieVal(j);
        i = document.cookie.indexOf(" ", i) + 1;
        if(i == 0) break;
    }
    return null;
}

// 쿠키 읽기
function getCookieVal(offset){
    var endstr = document.cookie.indexOf(";", offset);
    if(endstr == -1)
        endstr = document.cookie.length;
    return unescape(document.cookie.substring(offset, endstr));
}

// 쿠키 읽기2 - 2중 쿠키에서 사용
function GetCookie2(key1, key2) {
  var tmp = GetCookie(key1);
  if(tmp == null)
    return null;

tmp = tmp.split("~");
  for(var i = 0; i<tmp.length; i++) {
    var tmp2 = tmp[i].split("=");
    if(tmp2.length == 2 && tmp2[0] == key2) {
      return tmp2[1];
    }
  }
  return null;
}
//-->
</script>

<script language="javascript">
 <!--
    document.write("cookie : " + document.cookie + "<br>");
    document.write("<br>username : " + GetCookie("username") );
    document.write("<br>ecid : " + GetCookie("ecid"));
    document.write("<br>login : " + GetCookie("login"));
    document.write("<br>adult : " + GetCookie("adult"));
    document.write("<br>evaluation : " + GetCookie("evaluation"));
    document.write("<br>========ecid정보==========");
    document.write("<br>ecuser : " + GetCookie2("ecid", "ecuser"));
    document.write("<br>eclname : " + GetCookie2("ecid", "eclname"));
    document.write("<br>ecfamily : " + GetCookie2("ecid", "ecfamily"));
    document.write("<br>catvid : " + GetCookie2("ecid", "catvid"));
    document.write("<br>ectype : " + GetCookie2("ecid", "ectype"));
    document.write("<br>rowid : " + GetCookie2("ecid", "rowid"));
    document.write("<br>ecfamily : " + GetCookie2("ecid", "ecfamily"));
    document.write("<br>ecf : " + GetCookie2("ecid", "ecf"));
    document.write("<br>mediatype : " + GetCookie2("ecid", "mediatype"));
    document.write("<br>cusType : " + GetCookie2("ecid", "cusType"));
    document.write("<br>cbmDomain : " + GetCookie2("ecid", "cbmDomain"));
    document.write("<br>credate : " + GetCookie2("ecid", "credate"));

//-->
</script>

XSS