Difference between revisions of "Talk:Session Management"

From OWASP
Line 13: Line 13:
 
- simplify each section
 
- simplify each section
 
- add a J2EE and .NET section
 
- add a J2EE and .NET section
 +
 +
 +
Q: (Javier Fernandez-Sanguino) Should this chapter add a reference (in the "Protecting identifier section") to http://www.owasp.org/index.php/HTTPOnly ? Although not (yet) standard this is supported by all major browsers.

Latest revision as of 16:24, 18 June 2009

This chapter needs to be broken into:

Session fundamentals
- crypto
- idle
- etc

Session storage
- client side storage
- server side storage

Per-platform
- simplify each section
- add a J2EE and .NET section


Q: (Javier Fernandez-Sanguino) Should this chapter add a reference (in the "Protecting identifier section") to http://www.owasp.org/index.php/HTTPOnly ? Although not (yet) standard this is supported by all major browsers.