History
Session hijacking was not possible with early versions of HTTP.
HTTP protocol versions 0.8 and 0.9 lacked cookies and other features necessary for session hijacking. Version 0.9beta of Mosaic Netscape, released on October 13, 1994, supported cookies.
Early versions of HTTP 1.0 did have some security weaknesses relating to session hijacking, but they were difficult to exploit due to the vagaries of most early HTTP 1.0 servers and browsers. As HTTP 1.0 has been designated as a fallback for HTTP 1.1 since the early 2000s -- and as HTTP 1.0 servers are all essentially HTTP 1.1 servers the session hijacking problem has evolved into a nearly permanent security risk.
The introduction of supercookies and other features with the modernized HTTP 1.1 has allowed for the hijacking problem to become an ongoing security problem. Webserver and browser state machine standardization has contributed to this ongoing security problem.
Read more about this topic: Session Hijacking
Famous quotes containing the word history:
“There is nothing truer than myth: history, in its attempt to “realize” myth, distorts it, stops halfway; when history claims to have “succeeded” this is nothing but humbug and mystification. Everything we dream is “realizable.” Reality does not have to be: it is simply what it is.”
—Eugène Ionesco (b. 1912)
“To history therefore I must refer for answer, in which it would be an unhappy passage indeed, which should shew by what fatal indulgence of subordinate views and passions, a contest for an atom had defeated well founded prospects of giving liberty to half the globe.”
—Thomas Jefferson (1743–1826)
“In front of these sinister facts, the first lesson of history is the good of evil. Good is a good doctor, but Bad is sometimes a better.”
—Ralph Waldo Emerson (1803–1882)