Instantly share code, notes, and snippets.
@homakov : Very nice ! But perhaps should need an update in order to handle the the new format (they still store them on clients unencrypted, I checked it).
Also please add a file to this gist in order to re‑encode modified session cookies back.
It seems gist store the user name in some way because I found this (I used opera dragonfly for editing local storage and cookies) :
This is settingdotcom_userwhich trigger gist asking oauth to github.com. If this cookie is not sent or it’s value is null, the user use gist.github.com as a guest. So gist.github.com sends a 302 response redirecting tohttps://gist.github.com/auth/github?return_to=https%3A%2F%2Fgist.github.com%2F
which redirect redirect tohttps://github.com/login/oauth/authorize?response_type=code&client_id=7e0a3cd836d3e544dbd&…
Which set _gh_sess and redirect to the gist.github.com callback.
Which set gist_user_session and redirect to gist.github.com main domain
But the dotcom_user don’t match something. I’m very curious to know exactly what sincecodechange every times (but guess this is linked to the standard Oauth process). As result gist.github.com re‑trigger the oauth exchange, leading to this result :
A circled redirect !