Found a little article at fragged.org from last year called Quake Live impressions of a developer. Interesting, if you know what they're talking about. 
Something in particular that caught my eye was the following:
[quote]Obviously
How does Quake Live run in a browser?
(7 posts) (3 voices)-
Posted 3 years ago #
-
it's the user's responsability to leave no traces behind: clear your own damn cookies and cache
Posted 3 years ago # -
I'm a noob in all this but if you log in to the quake live website and you choose not to save your nickname and password, will it then still be saved in cookies and/or cache?
Visit our Quake Live community & pickup channelPosted 3 years ago # -
no, but when you logon to the beta website, you obviously download that page into cache. And altho it is dynamic, it will still contain static parts that remain in cache. Inside are your tier info, username and password. Not the combination to login to the outer beta login page, but the combination to login once inside the beta zone where you sign in with email/pass combo nr 2
this means that although a cookie is erased after session if not checked for remembering, that the JS file still will be in cache -> BAD...
quakelive.userinfo = {"PLAYER_ID":"1015736",
"PLAYER_NICK":"Lk",
"PLAYER_STATUS":"ACTIVE",
"PLAYER_EMAIL":"lashknife@telenet.be",
"PASSWORD":"********",
"TIME_ZONE":null,
"EULA_DATE":"18-JUL-08",
"JOIN_DATE":"18-JUL-08",
"FIRSTNAME":"Werner",
"INVITE_COUNT":"0",
"IGNORED_NOTICES":" ",
"EULA_OUTDATED":"0",
"PLAYER_CLAN":"^1xc.",
"COUNTRY_ABBREV":"BE",
"TIER_CTF":"4",
"TIER_DM":"3",
"TIER_DUEL":"4",
"TIER_TDM":"4",
"TIER_CA":"4",
"ECODE":"0",
"MSG":null};Posted 3 years ago # -
Could easily make a frontpage post about this topic imo... If there wasn't any NDA.
Posted 3 years ago # -
Well, I guess people should know about this ... I can imagine a lot of people aren't even aware ... like me.
Maybe id software will find a solution to this before the game goes live, though (if at all possible)?
Visit our Quake Live community & pickup channelPosted 3 years ago # -
we can warn people that go in public area's to not leave traces behind, explaining that in cache there will be account information left behind, without posting evidence (nda)
that they really should clear the cache and cookies of their session, nothing more required. Ofcourse publicly installed and downloaded pak files will remain and the plugin will remain there but that's not important, they are unusable without an account.
I can make a post about it if you want
*** update ***: published !
Posted 3 years ago #
Reply
You must log in to post.