Jump to content

cookie security, client value is easy to be stolen and eavesdropped

Recommended Posts

With regard to cookie security, client values are easy to be stolen and eavesdropped.

There is indeed a cookie security problem. Can you direct how to handle the following vulnerabilities.

1. How to set httponly? Is it set in the properties of servermodule?

2. How to include secure attribute in cookie?

Link to post
Share on other sites
  • 2 weeks later...
  • Administrators


If you want to secure your cookies you need to use an encryption method to encode/decode the strings. uniGUI provides a mechanism to save/load cookies, but it doesn't provide a mechanism to encrypt them.

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...