Re: Login and CGI security problem.


"be consistent"
	PerlMonks

Re: Login and CGI security problem.

by chromatic (Archbishop)

on May 12, 2000 at 20:51 UTC ( [id://11318]=note: print w/replies, xml )

Need Help??

in reply to Login and CGI security ("open cookie jar") problem.

Another option is to use a timestamp on the server. For every action the user attempts to take, check the last timestamp for that account. If it's been more than 10 minutes, require re-authorization. Otherwise, update the timestamp to the current time and perform the action.

Sure, there is a window of time where some tricky malicious scripting could redirect the client to do something unintended, but it's minimized somewhat here.

Comment on Re: Login and CGI security problem.

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://11318]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others musing on the Monastery: (5)

As of 2024-04-19 05:57 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found