Now I'm afraid.
Wish this wasn't posted. Now people are going to try this. |
You cannot actively hack this – you can only actively allow this bug to happen. In other words, by knowing about the "auth" parameter you can prevent sending it to others. |
So how do I prevent such a mishap? |
Don't post your URL with an ?auth in it |
If all you do is use Google Page Creator nothing can happen. But if you ever want to send someone else a web address from Google (e.g. to point your friend to Google Page Creator), make sure you remove the "auth" parameter from the URL. If you see this in other Google applications, remove it as well. Also, if you share your PC with others make sure you clear your browsing history, cookies and so on. |