Store values in session.item

Discussion in 'ASP .Net Security' started by Niclas Lindblom, Oct 11, 2003.

  1. Hi,

    Are there any security issues related with storing data related to the users
    session in session.item ? Can i keep data in there with any risk of it being
    read from the client side ?

    Please advise

    Regards

    Niclas
    Niclas Lindblom, Oct 11, 2003
    #1
    1. Advertising

  2. Session information is stored on the server. What is sent to the client is
    the session ID. An attacker can hijack the session ID and pose as a given
    user, but if you never write this value back to the client, then they still
    won't be able to see it.

    --
    Chris Jackson
    Software Engineer
    Microsoft MVP - Windows XP
    Windows XP Associate Expert
    --
    More people read the newsgroups than read my email.
    Reply to the newsgroup for a faster response.
    (Control-G using Outlook Express)
    --

    "Niclas Lindblom" <> wrote in message
    news:...
    > Hi,
    >
    > Are there any security issues related with storing data related to the

    users
    > session in session.item ? Can i keep data in there with any risk of it

    being
    > read from the client side ?
    >
    > Please advise
    >
    > Regards
    >
    > Niclas
    >
    >
    Chris Jackson, Oct 13, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. ssoss

    Display Related Item or Add Item

    ssoss, Sep 17, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    467
    ssoss
    Sep 19, 2003
  2. =?Utf-8?B?VGlsbG1hbiBFcmI=?=

    How can I store DataList DataItem values to Session variable?

    =?Utf-8?B?VGlsbG1hbiBFcmI=?=, Feb 22, 2005, in forum: ASP .Net
    Replies:
    3
    Views:
    1,895
    =?Utf-8?B?Ui4gVGhvbWFzIFtYdHJlbWUuTmV0XQ==?=
    Feb 22, 2005
  3. =?Utf-8?B?UnVkeQ==?=

    to store or not to store an image

    =?Utf-8?B?UnVkeQ==?=, Mar 29, 2005, in forum: ASP .Net
    Replies:
    6
    Views:
    611
    =?Utf-8?B?UnVkeQ==?=
    Mar 30, 2005
  4. CMM
    Replies:
    2
    Views:
    396
  5. Zach Dennis
    Replies:
    2
    Views:
    144
    Joel VanderWerf
    Jan 8, 2004
Loading...

Share This Page