Oh ok thank you so basically roblox lniks are safe
1 Like
Roblox needs your cookie to identify you; it’s useless to block Roblox from seeing a cookie that it set.
Modern browsers have measures to stop cookie theft; as long as you don’t go to suspicious websites (CSRF vulnerabilities) and don’t install any shady extensions, you should be fine.
1 Like
You should try creating your own browser extensions because you have full control of it and it won’t contain any malicious viruses of such.
1 Like
The majority of the community aren’t in a position to do this. 
The only real solution here is open source (so everyone can easily see the source) and better moderation of the webstore (Google is notorious for their poor app/ext moderation)
I think you have to send them message using their support page not email
1 Like
There is also a limited sniper javascript cookie logger. I exposed a scammer for this on Trade Hangout and he left. 
I was just on a game where you can cuss all you want (please take it down by the way),
I saw this, is this true, can bots scan your cookies via games?
1 Like
No, bots cannot scan your cookies via games.
2 Likes
I recently was cookielogged from the way of Limited Sniper I was desperate for sshf and didnt think enough about it. I ended up losing 15k robux to the user whymadss. To get her out of my account do I just click “Log out of all other sessions” then log out and back in myself? I’m not familiar with this and honestly really upset.
You should go to Support and get in contact with them so you can do a 1 time rollback. Unfortunate that happened. Hope you get your items back!
Thank you so much! Is this person able to get back into my account though after I signed out of all sessions and logged out and back in myself? Just worried that if I get it back this person will come at me again and take it.
You should clear your cookies or change your password. Clearing cookies is more safer imo.
How do I change my cookies? I have already changed my password.
you should clear your cookies regardless. It’s better to do both cookie clearing and password changing just to be safe.
this depends on your browser, do know that clearing your cookies will log you out of all your currently logged in accounts.
For firefox it’s rather easy, when you put into the url bar “firefox cookie clearing” a box will pop up like this:
from that button you can manage what to clear and how to clear it. Just select what you want to clear, but don’t touch the stuff that’s under the data section as that might remove your cached logins from your browser.
I have a question. If I do get cookie logged, do all my Roblox accounts associated with my IP get hacked?
No, only the account that you were using when your .ROBLOSECURITY cookie was logged will be affected. Just like Voided mentioned, in case you do get cookie logged, you should change your password and clear all of your cookies (this will log you out of all your sessions in all websites)
Edit: You actually have to log out, like @ElliottLMz said.
1 Like
Clearing you cookie doesn’t actually invalidate the token. You need to sign out to invalidate the token the cookie contains.
4 Likes
Oh, sorry. Wrote the reply way too fast.
Probably one of the more important threads on here. Thanks for making it, mate.
Thanks so much for sharing this! Someone random I didn’t know messaged me, asking for me to copy and share them an ‘audio file’ on ROBLOX. They asked me to get a song off Roblox he wanted in the form of a .har file. Luckily I already knew what .har files were, and I played along for a bit. I said ‘I’m a little sceptical with this inspect panel’ and he showed me ‘proof’ it was real by going to the upload audio panel of the website and changing ‘Add .mp3 file’ to ‘Add .har file’ using Inspect Element. If I didn’t know what a .har file was, I would have been cookie logged, which would have had devastating effects. I’m really glad you’re sharing this with developers and traders all round. I learned what a .har was from studying sites where Roblox account cookies are sold, and I’m glad to God I did, otherwise I’d have been cookie logged.
Sorry for the fat word vomit!
3 Likes