Store values in session.item

N

Niclas Lindblom

Hi,

Are there any security issues related with storing data related to the users
session in session.item ? Can i keep data in there with any risk of it being
read from the client side ?

Please advise

Regards

Niclas
 
C

Chris Jackson

Session information is stored on the server. What is sent to the client is
the session ID. An attacker can hijack the session ID and pose as a given
user, but if you never write this value back to the client, then they still
won't be able to see it.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top