A
Adil Akram
I've developed a shopping cart application in ASP.net, C#. To maintain the
shopping cart session, I've used the session ID, but while it shifts to SSL
pages the session ID changed which is its default behaviour to maintain
security and prevent session stealing.
I've no idea to maintain session in shopping cart with SSL in check out form
because if I do it with cookies the same security problem exist there,
anyone can steal cookie in non SSL pages and can use it at any time in
user's session.
Expert advices are really appreciated.
I'm thankful in advance.
regards,
Adil
(e-mail address removed)
shopping cart session, I've used the session ID, but while it shifts to SSL
pages the session ID changed which is its default behaviour to maintain
security and prevent session stealing.
I've no idea to maintain session in shopping cart with SSL in check out form
because if I do it with cookies the same security problem exist there,
anyone can steal cookie in non SSL pages and can use it at any time in
user's session.
Expert advices are really appreciated.
I'm thankful in advance.
regards,
Adil
(e-mail address removed)