Jump to content

Search the Community

Showing results for tags 'httponly'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • uniGUI Public
    • Announcements
    • General
    • Feature Requests
    • Installation
    • Deployment
    • Other Platforms
  • Licensing
    • Licensing
    • Ordering uniGUI
  • Bug Reports
    • Active Reports
    • Closed Reports
    • Old Bug Reports
  • uniGUI Development
    • General Development
    • uniGUI Releases & Roadmaps
    • Utilities
  • Mobile Platform
    • uniGUI Mobile
    • Mobile Browsers
  • Users Area
    • Sample Projects
    • Components and Code Samples
    • Third Party Components
  • Non-English
    • Non-English
  • Miscellaneous
    • Hosting
    • Server Security
    • Jobs

Calendars

  • Community Calendar

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. Mr. Farshad: I was investigate about security issues because a auditoring in my customers. I see that UniGui doesn't have Session Cookies, then is no problem the use of the parameter HttpOnly for the cookies. I realice that have a javascript variable _S_ID with the Session ID value. The HttpOnly parameters is to avoid a maliciosus javascript to get/set the Session Cookie ID, but implemening with a JavaScript Variable is more modificable and have not a way to avoid this. I'm right? About CSRF attacks I want to ask if they are implemented a issue to avoid this type of attack. Best Regards
×
×
  • Create New...