Without encrypting the HTTP session using SSL (i.e. HTTPS), there is no method of storing information in a cookie that is secure since the packets containing the cookie are sent in the clear over the net. I don't even need to decrypt the password to use such a cookie, if I can get my hands on the packets as they pass from the client to the server.
That said, I'd think that for most many non-commerce uses such a system is sufficient if there is a call to a cookie destructor at some point. Either a short expiration date on the cookie both on the client side and on the server side (so that a hijacked cookie has a short viability) or a "log me out" button, so that it is up to the user (in an apparent and easy way) to clear that cookie from use (and make it so they have to log in the next time around -- of course, every login presents a possible target for interception as well).
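The expiry-plus-logout scheme described in the post above, as an added Perl sketch that is not part of the original post. The 15-minute lifetime, the in-memory `%sessions` store and the function names are assumptions chosen for illustration; the cookie carries only a random token, never the password.

```perl
#!/usr/bin/perl
use strict;
use warnings;

my $TTL = 15 * 60;   # assumed session lifetime in seconds
my %sessions;        # hypothetical server-side store: token => { user, expires }

# Random 128-bit token read from the OS random source.
sub new_token {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($fh, my $buf, 16) == 16 or die "short read from urandom";
    close $fh;
    return unpack 'H*', $buf;
}

# Called after a successful login; returns the Set-Cookie header value.
sub start_session {
    my ($user, $now) = @_;
    my $token = new_token();
    $sessions{$token} = { user => $user, expires => $now + $TTL };
    # Max-Age is the client-side expiry; Secure keeps the cookie off plain HTTP.
    return "session=$token; Max-Age=$TTL; Path=/; Secure; HttpOnly";
}

# Server-side expiry: a copied cookie stops working once the server forgets it,
# whatever expiry the copy claims.
sub check_session {
    my ($token, $now) = @_;
    my $s = $sessions{$token} or return;
    if ($now >= $s->{expires}) { delete $sessions{$token}; return; }
    return $s->{user};
}

# "Log me out": destroy the server-side record and tell the browser to discard.
sub end_session {
    my ($token) = @_;
    delete $sessions{$token};
    return "session=; Max-Age=0; Path=/; Secure; HttpOnly";
}

# Constructed walk-through using a fake clock instead of time().
my $t0 = 1_000_000;
my ($tok) = start_session('alice', $t0) =~ /^session=([0-9a-f]{32});/;
print "login + 60s: ", check_session($tok, $t0 + 60)      // 'rejected', "\n";
print "login + 16m: ", check_session($tok, $t0 + 16 * 60) // 'rejected', "\n";
my ($tok2) = start_session('alice', $t0) =~ /^session=([0-9a-f]{32});/;
end_session($tok2);
print "post-logout: ", check_session($tok2, $t0 + 1)      // 'rejected', "\n";
```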