+ 15

How secure are session variables?

$_SESSION

23rd Apr 2017, 4:31 AM
Swati
Swati - avatar
3 odpowiedzi
+ 10
with a cookie, a hacker can steal the session simply by using fairly simple XSS techniques.
23rd Apr 2017, 10:59 AM
Swati
Swati - avatar
+ 9
@Nipun Shihara But session ID's are stored as cookies which aren't that safe.
23rd Apr 2017, 10:57 AM
Swati
Swati - avatar
+ 1
I advise you to encrypt any value for sensitive information. 😉
23rd Apr 2017, 4:47 PM
Elghozi Nasreddine
Elghozi Nasreddine - avatar