"be consistent" | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Sure, there's all sorts of ways to do that. Essentially, you want to securely encrypt the cookie with a secret that only your script knows. That way only your script can decrypt the data in the cookie. The first thing you need is an encryption routine. There are several in the Crypt:: family that will do the job. Crypt::DES_EDE3, Crypt::Rijndael, or Crypt::IDEA are straightforward to use and widely believed to be secure. If you have a lot of data you want to encrypt (more than about 50 characters), you'll want to use Crypt::CBC to encrypt larger amounts (the encryption modules I suggested are block ciphers, and can only work on a chunks of data of a fixed size) That will encrypt your data; now you need to encode it in a way that it will make a reasonable cookie. MIME::Base64 is a good way to do that. So, if you create your cookie by encrypting it and base64-encoding it, to get the data back you'll simply base64-decode it, then decrypt it with the secret key, and you have the data back. I've done this for a few projects, and it works quite well. In reply to Re: Perl Cookie Encryption
by sgifford
|
|