From the course: Programming Foundations: Secure Coding
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Session management issues
From the course: Programming Foundations: Secure Coding
Session management issues
- Session management vulnerabilities are associated with web application based client server systems. Let's take a look at the vulnerabilities and mitigations in this context. To understand session management issues, first let's look at how HTTP works. HTTP is a stateless protocol which means there is no user data or other information stored between requests in the web server. In a pure stateless HTTP system, each and every request is independent of every other request, even if it's the same user with the same browser in the same browsing session. Some developers feel the need to maintain some sort of state for the user leading to the creation of the session. The session is usually initiated by some event on the website. Authentication is usually that event that starts the session and generates the unique token. The server shares that token with the client through a cookie. Now every subsequent request from the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.