|
by: mrbog |
last post by:
Tell me if my assertion is wrong here:
The only way to prevent session hijacking is to NEVER store
authentication information (such as name/password) in the session.
Well, to never authenticate a user from information you got from the
session. Each secure app on a site must challenge the user for name
and password, each and every time the user accesses it (not just once
and then store it in the session). If a secure app is multi-page,...
|
by: Seth |
last post by:
I have noticed that the id of my session object changes
when I switch from a non-secure to a secure connection.
What I'm trying to do:
I have a cookie that is built on the non-secure side of
things. What I need to do is to switch to a secure
connection and then later on while still in that secure
connection delete the cookie that was created on the non-
secure side. I need to do this because I can not
reference the non-secure cookie...
|
by: Russell |
last post by:
Hi there,
I'm currently creating a .NET Web Application and I have a question about
passing values from one screen to another. I previously used Session
variables in the code to store these values, however I can no longer use
this method because of my current website "Cloaking" the URL. (When site is
cloked, the session variables don't seem to work with frames)
Anyway, I was wondering if anyone could offer an alternative, I have tried...
|
by: Stephen Bartholomew |
last post by:
Hi All,
Firstly, apologies to anyone that notices the cross-post: i also
posted this in microsoft.public.dotnet.general earlier this week.
I have an ecommerce site that resides mainly on an unsecure server for
browsing the catalogue and only passes the user to a secure area when
its time checkout. The secure domain however is not located on the
same URL as the unsecure site - it is hosted on a virtual directory of
the ISP's secure...
|
by: Adrian Parker |
last post by:
We have a website that works everywhere but on a few PCs on this one site..
Asp.Net 1.1
Server = Windows 2003
Client = XP
In the web.config we use - cookieless="false"
in the browser settings they have "Always allow session cookies" set to true
When the browser connects to the website the first page sets a session
variable called "user_ref" to something and then calls another page. If on
|
|
by: Joe |
last post by:
I have an application which runs in a non-secure environment. I also have an
application that runs in a secure environment (both on the same machine). Is
there any way to share the session data for this?
Most of the site allows the user to add things to a cart (non-secure), once
they choose to check-out, I need this information which was stored in the
session to be read by the payment page(secured).
Hope this makes sense. It's probably...
|
by: YYZ |
last post by:
I'm using asp, not asp.net. I've got some open ended questions that I
was really hoping someone in here could answer, or direct me to some
resources that will help me answer them on my own.
First, the session object. When a new user comes to my site, asp
creates a session object, and a session id on that object. That
session id is sent back to the client and stored as a cookie(?) that
can be used to identify a single user across...
|
by: daniel.westerberg |
last post by:
Is it possible to keep sessions between subdomains?
I.e
If I have a site "shop.com" and when user acess his personal page it's
"secure.shop.com"
Is it possible to share the session values between these two?
Why I ask is because the hosting company gives a discount on SSL
certificates if I put it at secure.shop.com instead of the entire site
and since I only need checkout and personal info pages to be secure I
was thinking that I could...
|
by: Josh |
last post by:
I run a Joomla website and am familiar with php in some but not all
aspects. Currently I am trying to find some solutions related to
session handling.
Am I correct in saying that "login" is kept in sessions? I can see
active sessions in my mysql database, but is that the only place this
information is stored? Sessions and cookies I know are related also,
but how specifically (session info stored in cookies?)?
Right now, when users...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
|