investigation: Facebook ID login on livingsocial.com

• General discussion

• 

  

  0

  Sign in to vote

  benign trace

  Understanding of the trace

  1. BRM1 has a hidden operation which is to send a cross-domain message from Facebook domain to livingsocial.com/login page. The message contains access_token, and the secret token signed_request. Upon receiving the message, livingsocial.com/login writes access_token, signed_request, along with other data into a cookie field fbls_48187595837, in which the number part is the relying party website's ID. In addition, it also creates another cookie field fbsr_48187595837, which stores another secret.
  
  

  • Edited by Rui Wang ISRC Wednesday, February 8, 2012 11:19 PM
  • Edited by cs0317 Friday, March 30, 2012 5:54 PM ....

  Wednesday, February 8, 2012 1:43 AM