Quote:
Originally Posted by RawAlex
I accept that may not have been Zango's intention, but their method creates exactly this sort of situation in cases where the same site gets popped over itself.
|
I don't accept it, their intention is highlighted within the link you posted.
Silent affiliate code replacement without the use of popup windows.
Quote:
Not all 180 "cookie-stuffing" requires showing a duplicate window of the merchant's site. Some 180 cookie-stuffing uses hidden windows -- opened off-screen via IFRAMEs and similar methods -- to create or replace users' affiliate tracking codes without causing an extra window to be opened on the user's screen. Such an approach is implemented via instructions -- from 180's servers to 180 software on users' PCs -- of form shown below:
...................
In the course of events described in this section, there exists no notable on-screen image to be captured in a screenshot, and I therefore can provide no screenshot of this finding. Notwithstanding the lack of on-screen confirmation, my network monitoring confirms that the IFRAME at issue (definition) is rendered off-screen. My testing further confirms that the IFRAME overwrites users' cookies via the specified HTTP request to linksynergy (or, for some trigger conditions, other affiliate tracking services): I have confirmed such overwriting by observing that the IFRAME URL is requested by the user's PC, and that the user's cookies are altered accord to instructions in the corresponding HTTP response. As a result, commission flows to 180solutions without users ever receiving any on-screen indication that any commission transfer is taking place.
|