Finding @ppk's CSS compatibility chart indispensable these days - http://bit.ly/b2E2c
1 September 2009
In the first part of this series we went over how a cookie works and what can be done to secure them. In this section we’re going to go over ways to add additional security to the session beyond the cookie itself.
By the end of this article we will written our own wrapper class for “session_start” that protects our session from a number of attacks while taking into account some of the unique challenges presented by modern ajax-heavy websites.
24 August 2009
Securing cookies and sessions is vital to keeping an application secure. Many tutorials have been written on the subject, but as the internet (and browsers loading it) evolve so do the methods you can use to keep your application secure.
In this article we’re going to break down the various components of a cookie and what they mean for security. This will include limiting the cookie to certain domains and paths on those domains, choosing what information to store, and protecting the cookie from cross site scripting exploits. In a second article we will go into more depth in how to protect everyone’s favorite cookie, the session ID.
Enter your e-mail address below to receive regular updates on web design, web development, web business as well as news on upcoming events and special offers.
New Subscribe today and receive 2 FREE Web Designer Toolkits featuring video tutorials on CSS3 (18 videos) by @bbodien and jQuery (8 videos) by @rem.
Subscribe to the Think Vitamin articles RSS feed
Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.
Join host Keir Whitaker, Ryan Carson and Mike Kus for Think Vitamin Radio, a bi-weekly chat about web design, development and entrepreneurship. Listen to previous shows.
Think Vitamin Radio is kindly hosted by Buzzsprout
Finding @ppk's CSS compatibility chart indispensable these days - http://bit.ly/b2E2c
Twitter: @keirwhitaker
"How to use Textmate for cleaning up WordPress code" - http://bit.ly/cPVavx #wordpress
Twitter: @keirwhitaker
Carsonified is hiring! http://bit.ly/c5b2MY
Twitter: @ryancarson
Full transcript of Think Vitamin interview with @simplebits now available - http://bit.ly/chWrau
Twitter: @carsonified
You can receive Think Vitamin updates via email. Just pop your email address in the box below and click the arrows.
You can also receive new Think Vitamin posts via your RSS feed reader
Subscribe RSS Think Vitamin is a proud member of the Smashing Network19c Charles Street,
Bath BA1 1HX.
United Kingdom
Registered in England.
Company No. 5057020
T: +44 1225 324 980
E: hello@carsonified.com
In partnership with
