Hi.
I have read about Cloudflare Cookies at https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies.
While exploring this topic, I saw that the first HTTPS response when visiting a website contains “set-cookie: __cfduid=;” and all the following HTTPS requests include this cookie.
I have a few questions regarding this cookie and dynamic content:
[1] Will a forged value cause the HTTPS request to be blocked by the edge server?
[2] Will a manually crafted HTTPS request, which include a previously received _cfduid cookie, bypass the edge server?
Thanks
This topic was automatically closed after 30 days. New replies are no longer allowed.