This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Session Management

From OWASP
Jump to: navigation, search

This chapter needs to be broken into:

Session fundamentals - crypto - idle - etc

Session storage - client side storage - server side storage

Per-platform - simplify each section - add a J2EE and .NET section


Q: (Javier Fernandez-Sanguino) Should this chapter add a reference (in the "Protecting identifier section") to http://www.owasp.org/index.php/HTTPOnly ? Although not (yet) standard this is supported by all major browsers.

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:Session_Management&oldid=64354"