G
Guest
I'm currently making a web app that stores a user id in a cookie, and builds
user information off of that in the differnt pages of the site. The cookie is
created on login, and is separate from the authentication cookie. Are there
dangers to doing this? How easily can a cookie be tampered with? Is there any
fast setups, or things I can do for securing the cookie? I'm thinking someone
could tamper with the user id portion of the cookie and get someone else's
info.
I'm using a web farm environment, so I can't use other methods (like
session). Cookies seem to be the best way, but I wanted to know the dangers
and possible ways to prevent them.
Thanks.
user information off of that in the differnt pages of the site. The cookie is
created on login, and is separate from the authentication cookie. Are there
dangers to doing this? How easily can a cookie be tampered with? Is there any
fast setups, or things I can do for securing the cookie? I'm thinking someone
could tamper with the user id portion of the cookie and get someone else's
info.
I'm using a web farm environment, so I can't use other methods (like
session). Cookies seem to be the best way, but I wanted to know the dangers
and possible ways to prevent them.
Thanks.