FUDforum: comp.lang.php » session cookie: client side

Home » Imported messages » comp.lang.php » session cookie: client side

Show: Today's Messages :: Polls :: Message Navigator

Re: session cookie: client side [message #175903 is a reply to message #175898]

Fri, 04 November 2011 18:40

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 11/4/2011 10:21 AM, sl@exabyte wrote:
>> The cookie does not identify the user - it is just the session id. What
>> the server does with it is something else.
>>
>> In general, the session id does identify the computer from which the
>> cookie is being sent because the session id is a rather long
>> pseudo-random alphanumeric value. Yes it's possible for someone else
>> to intercept and read the session id, but in general it's unlikely.
>>
>> The real question is - what is the problem you are trying to resolve?
>> If the data are that sensitive, you should be using a secure protocol
>> for everything. If the data aren't sensitive enough to require a
>> secure protocol, why do you think the cookie is?
>
> I think I am missing something. By the term 'secure protocol', ie SSL,
> implies that HTTPS be used, rather than HTTP, isn't it ?
>
> Sorry if it is a stupid question. Anyway I shall google for SSL and HTTPS.
>
>

A secure protocol is one in which the content is encrypted between the
two systems. For web pages, it would typically be https. Command line
prompts would generally be ssl. There are others also, i.e. for ftp and
other protocols.

But you still haven't answered the question - what are you trying to
accomplish? What is sensitive enough that it requires a secure protocol?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		session cookie: client side By: sl@exabyte on Thu, 03 November 2011 09:10
		Re: session cookie: client side By: Balazs Nadasdi on Thu, 03 November 2011 12:23
		Re: session cookie: client side By: sl@exabyte on Fri, 04 November 2011 06:14
		Re: session cookie: client side By: Jerry Stuckle on Fri, 04 November 2011 11:55
		Re: session cookie: client side By: sl@exabyte on Fri, 04 November 2011 14:21
		Re: session cookie: client side By: Jerry Stuckle on Fri, 04 November 2011 18:40
		Re: session cookie: client side By: Denis McMahon on Fri, 04 November 2011 15:53
		Re: session cookie: client side By: Jerry Stuckle on Fri, 04 November 2011 18:41
		Re: session cookie: client side By: Denis McMahon on Fri, 04 November 2011 15:52

Previous Topic:	sqlite and php
Next Topic:	simple session question

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Nov 07 22:48:40 GMT 2024

Total time taken to generate the page: 0.02987 seconds