Why Using Cookie To Store Session Info Is A Better Idea Than Just Usi

1.	Why Using Cookie To Store Session Info Is A Better Idea Than Just Using Session Info In The Request ?
Answer» SESSION info in the request can be intercepted and hence a vulnerability. Cookie can be read and write by RESPECTIVE DOMAIN only and make sure that right session INFORMATION is being passed by the client. Session info in the request can be intercepted and hence a vulnerability. Cookie can be read and write by respective domain only and make sure that right session information is being passed by the client.

Why Using Cookie To Store Session Info Is A Better Idea Than Just Using Session Info In The Request ?

Answer»

SESSION info in the request can be intercepted and hence a vulnerability. Cookie can be read and write by RESPECTIVE DOMAIN only and make sure that right session INFORMATION is being passed by the client.

Session info in the request can be intercepted and hence a vulnerability. Cookie can be read and write by respective domain only and make sure that right session information is being passed by the client.

Discussion

No Comment Found

Related InterviewSolutions

Shall We Use Abstract Classes Or Interfaces In Policy / Strategy Design Pattern ?
Difference Between Factory And Strategy Design Pattern ?
Difference Between Builder And Composite ?
Difference Between Adapter And Facade ?
Difference Between Proxy And Adapter Design Patterns ?
What Kind Of Software Architecture Your Organization Follow ?
How Do You Coordinate And Communicate With The Team Developers ?
Which Uml Diagrams You Usually Use For Design ?
What Would You Do If You Have To Add A Jar To The Project Using Maven ?
If You Are Given A Choice To Implement The Code To Either Insert A Record Or Update If Already Exist, Which Approach Will You Follow ? 1. Insert Into The Db Table. If Exception Occurs, Update The Existing Record. 2. Check If The Record Exists And Update It If It Exists, If Not Insert A New Record.

Why Using Cookie To Store Session Info Is A Better Idea Than Just Using Session Info In The Request ?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment