Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask
 
PerlMonks  

Re^4: Grab username from WP Cookie

by Your Mother (Archbishop)
on Apr 02, 2020 at 00:32 UTC ( [id://11114936]=note: print w/replies, xml ) Need Help??


in reply to Re^3: Grab username from WP Cookie
in thread Grab username from WP Cookie

I am surprised to hear that. I can understand the functional benefit and the desire and effort to make it as secure as possible but I reject leaving data on the client and passing it in headers that have to go through various proxies and app forwarding and such especially where HTTPS is not completely enforced.

Replies are listed 'Best First'.
Re^5: Grab username from WP Cookie
by haukex (Archbishop) on Apr 02, 2020 at 18:02 UTC
    I reject leaving data on the client and passing it in headers that have to go through various proxies and app forwarding and such especially where HTTPS is not completely enforced.

    Sure, that's definitely a concern. Personally all I store in the session is some identifier, like the username, and keep the rest on the server. (I posted some sample code at 11114043 and 11114542).

Re^5: Grab username from WP Cookie
by Anonymous Monk on Apr 02, 2020 at 02:14 UTC

    I am surprised to hear that. I can understand the functional benefit and the desire and effort to make it as secure as possible but I reject leaving data on the client and passing it in headers that have to go through various proxies and app forwarding and such especially where HTTPS is not completely enforced.

    But its not even "as secure as possible". The cookies are merely signed, they're not encrypted.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11114936]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others examining the Monastery: (4)
As of 2024-03-28 15:38 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found