Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: CGI Security Advice Sought

by Anonymous Monk
on Aug 01, 2001 at 13:48 UTC ( [id://101335]=note: print w/replies, xml ) Need Help??


in reply to CGI Security Advice Sought

I would suggest logging the ip, session id (serverside), along side the hashed version, and check those as well, when checking the cookie.

Both of these can be snooped, but at least you can detect when someone is trying to circumvent your security, by spoofing the cookie.

It might be even if you are changing the cookie hash 'often'.

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://101335]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others avoiding work at the Monastery: (5)
As of 2024-04-19 03:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found