Store values in session.item

Ask a Question related to ASP.NET Security, Design and Development.

  1. Niclas Lindblom #1

    Default Store values in session.item

    Hi,

    Are there any security issues related with storing data related to the users
    session in session.item ? Can i keep data in there with any risk of it being
    read from the client side ?

    Please advise

    Regards

    Niclas


    Niclas Lindblom Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. How to store property values of custom controls to *.aspx.resx files at design time?
      Hi, I am building an web server custom control with a complex string property. The values of his property are very large strings looking like...
    2. Session DB values?
      I am trying to make a shopping cart. Old ones i have created I have stored product id's and prices in a cookie. Where can I find information on...
    3. Session variables contain no values
      Hi everybody. I'm experiencing strange problems with PHP session files: a user submits a form with UID and PWD. The next page checks these...
    4. How do I store values in table cells
      I have created a table that I want to fill with calculated values. I have given ID's to each cell. This must NOT be the way since I can't address...
    5. [PHP] Store array as Session Variable
      $details is an array (just like $company_name was). Try to view print_r($details); and see what you get. ---John Holmes... ----- Original...
  2. Chris Jackson #2

    Default Re: Store values in session.item

    Session information is stored on the server. What is sent to the client is
    the session ID. An attacker can hijack the session ID and pose as a given
    user, but if you never write this value back to the client, then they still
    won't be able to see it.

    --
    Chris Jackson
    Software Engineer
    Microsoft MVP - Windows XP
    Windows XP Associate Expert
    --
    More people read the newsgroups than read my email.
    Reply to the newsgroup for a faster response.
    (Control-G using Outlook Express)
    --

    "Niclas Lindblom" <lindblom_niclas@hotmail.com> wrote in message
    news:ONWl8gAkDHA.2140@TK2MSFTNGP09.phx.gbl...
    > Hi,
    >
    > Are there any security issues related with storing data related to the
    users
    > session in session.item ? Can i keep data in there with any risk of it
    being
    > read from the client side ?
    >
    > Please advise
    >
    > Regards
    >
    > Niclas
    >
    >

    Chris Jackson Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139