Cookie is a method of storing data into the computer such as storing user names, passwords or other data. While the session is a method used to maintain data between pages.
For example:
we access site1.com page, then accessing site2.com. Pages site2.com will not know that we are the same people who previously had access site1.com page. Session task is to know that we are the same person.
For that task, the session usually use a cookie (so that the theft of cookies are the same as theft of session). However, the session does not have to use cookies because the nature of cookies are sometimes blocked by the user.
In addition, cookies save data in the user's computer while the session save the current code into the user's computer, while data stored in the server. Neither the value of a cookie nor the value of a session is dangerous if easy guessed or stolen by hackers.
Identity Providers for RedTeamers
7 months ago
0 comments:
Post a Comment