Ole Ole - 13 days ago 4
HTTP Question

How does blogger.com know that it's me?

When I sign in with google and go to

(A google property)
knows that it's me. How does
identify me. Do I have to have visited it at some point and logged in, or does the browser send an identifier set by google to blogger.com?


The blogger.com main page pulls in an iframe from accounts.google.com where your login session with Google runs


and you'll notice that it does so using the passive=true flag which means that it won't prompt you if you're not logged in but it will silently return the result of this request to the caller, in this case blogger.com.

If you're not logged in the HTTP response is:

Location: https://www.blogger.com?rinli=1

if you are logged in it will be something like:

Location: https://accounts.blogger.com/accounts/SetSID?ssdc=1&sidt=<token>&continue=https%3A%2F%2Fwww.blogger.com%3Frinli%3D1%26pli%3D1%26auth...

where <token> represents your user identity in some Google/Blogger specific format.