Re: Web application security w getstring
Those long query strings can serve both purposes - security and customization. They do roughly the same thing as cookies, although each has its advantages and disadvantages. -Mitch Justin wrote: I'm a newbie to web app security. Are URLs you see with long querystrings, for security reasons or to allow the end user to add to favourites (get the exact same page/situation back- url integrity). I'm learning how to maintain a 'session' with a logged-in user. Tks Justin
Re: Web application security w getstring
http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/avoid-get-non-queries.html lists some problems to consider. Mitchell Stoltz wrote: Those long query strings can serve both purposes - security and customization. They do roughly the same thing as cookies, although each has its advantages and disadvantages. Justin wrote: I'm a newbie to web app security. Are URLs you see with long querystrings, for security reasons or to allow the end user to add to favourites (get the exact same page/situation back- url integrity). I'm learning how to maintain a 'session' with a logged-in user. Tks Justin
