⭐ in reply to Cookie based authentication: Is it secure?
The header information with a cookie can look something like the following:
That is sent as plain text, which is not secure. Whatever values you set for the cookie can then be sniffed, so sensitive information shouldn't be passed this way.Set-Cookie: user_id:dajohn13; domain=.somedomain.com; path=/cgi-bin; expires=Sat, 01-Apr-2003 11:30:00 GMT; secure
In the example above, the secure parameter is used, which means that the browser will not return the cooking unless you are using a secure URL with the https protocol. That should provide adequate security and will make your scripts much safer if you plan to use cookies.
In Section
Seekers of Perl Wisdom