Coffee on the Keyboard
Tagged

sessions

A collection of 1 post

django

Session Fixation and Hijacking - Basic Security Part 6

NB: This is the sixth post in a series of posts on web application security. Don’t put session IDs in the URL. Django explicitly does not support this because it’s just dangerous. Use SSL and secure cookies. Use HttpOnly cookies. Is it really that easy? Yes and no.

James Socol • Jul 24, 2012