Posted by julianmlp on 05/28/06 00:54
Janwillem Borleffs wrote:
> julianmlp@gmail.com wrote:
> > I think through this kind of procedure it is hard to hijack a user
> > session.
> > What do you think?
> >
>
> You can test this yourself by faking the HTTP request sent to the server
> from another machine using a valid session ID.
Well, I already tried it, and it doesn't work at all. I mean, only
pasting the URL in the browser's address bar of another computer, the
user can't authenticate, because the cookie isn't there, so in some
way I could say that it is working well.
What I was wondering is: Is there any (simple/easy) way to hijack a
cookie remotely? (to be afraid of)