observer.com URL should HTTPS
Unknown
Vulnerability Details
#Summary
This is just for the awareness to use HTTPS everywhere, even for outgoing links - where it's possible.
Treat this report with some salt, not as in hashes.
#Navigate to:
https://www.legalrobot-uat.com/press/
Example page (In the lower part where you find the observer.com Link):
observer redirect to HTTPS after click, but cookie is sent on the network before that.
See my attached photo. {F212950}
Related Issue : #1093
Thanks!
Actions
View on HackerOneReport Stats
- Report ID: 260299
- State: Closed
- Substate: resolved
- Upvotes: 6