Add ISO-3166 country codes #2939
Conversation
|
Hello! Right now the list mostly consists of a bunch of language codes. What made you consider adding country codes? |
|
Well, many websites ask you to input your country, for example so that it can show you the version of the site for your area or something like that. A country code alone isn't enough to identify someone and there can be legitimate reasons for collecting it similarly to languages |
|
I see, thank you. Was there a specific website or websites that made you think of this? |
|
Yes, I've remembered running into country codes in cookie values before but I don't know how often this is, the most recent one would be a website I found when doing a reverse image search in a CTF and clicking a website in the results and thinking to check the cookie values out of curiosity (I don't remember the name of the site but I can try to find it again when I have more free time), it seems like something that most websites would do but I don't know for sure, I'm unsure how to test a hypothesis like this because I don't have a tool to scan the Internet for common cookies or something to that effect |
ghostwords
added
the
heuristic
Adds ISO-3166 country codes to the low entropy cookie values