Posted by Christian Aastorp on 09/04/07 07:48

On Mon, 03 Sep 2007 16:23:17 -0400, Jerry Stuckle
<jstucklex@attglobal.net> wrote:


>
>Of course, you do realize cookies are stored on the client machine, and
>the user can read them? And a savvy user can change them?
>
>Of course, if that's not important, there's no problem.

Yes i do realize that, still, thank you for the warning!
The only thing anyone will achieve by setting this cookie is some
filenames visible in the browser-window. These files are located on
the web-server and accessible by other means. Also they are cleared
for publication.

There is a little layer of "security by obscurity" as I'm the only one
with knowledge of the cookies name and function. Our main site will
never set this cookie for any client. Still I'm aware that it's simple
to inspect the php-code to find me out, but its without risk, at least
at the moment.

Thanks again!
--
Christian Aastorp

• Next in forum: Re: Try catch from php5 to php4?
• Prev in forum: Re: Hello: not so much php, more like HTML..?
• Thread view: Re: How to include optonial info when running on local server?

[Reply to this message]