Beware of custom cookies

Cookies are meant to store user-related data on the browser.

The recommended method of handling user data is not with a Cookie, but with an HttpSession:

If you decide to use a Cookie directly, then care should be exercised that:

Note as well that the Open Web App Security Project says that 'Remember Me' cookies are a security risk.
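The contrast between the two approaches, as an added example that is not code from the original page: data placed in an HttpSession stays on the server, while a custom Cookie value is sent to the browser and must be treated as untrusted input when it comes back. The class name, the `role` and `theme` keys, and the allowed theme values are hypothetical; the javax.servlet 3.0 API is assumed.

```java
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/** Hypothetical servlet; names and keys are illustrative assumptions. */
public final class PreferencesServlet extends HttpServlet {

  /** HttpSession: the value never leaves the server; the browser only holds the session id. */
  static void storeInSession(HttpServletRequest request, String role) {
    HttpSession session = request.getSession(true);
    session.setAttribute("role", role);
  }

  static String readFromSession(HttpServletRequest request) {
    HttpSession session = request.getSession(false); // do not create a session just to read
    return session == null ? null : (String) session.getAttribute("role");
  }

  /** Custom cookie: only for data that is harmless if the user reads or edits it. */
  static void storeInCookie(HttpServletResponse response, String theme) {
    Cookie cookie = new Cookie("theme", theme);
    cookie.setHttpOnly(true); // not readable from page scripts
    cookie.setSecure(true);   // sent over HTTPS only
    cookie.setMaxAge(-1);     // discarded when the browser closes
    cookie.setPath("/");
    response.addCookie(cookie);
  }

  /** The returned cookie value is client-controlled, so accept only known values. */
  static String readFromCookie(HttpServletRequest request) {
    Cookie[] cookies = request.getCookies(); // null when the request carries no cookies
    if (cookies == null) return "default";
    for (Cookie c : cookies) {
      if ("theme".equals(c.getName())) {
        String v = c.getValue();
        return ("light".equals(v) || "dark".equals(v)) ? v : "default";
      }
    }
    return "default";
  }

  @Override
  protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws IOException {
    response.setContentType("text/plain");
    response.getWriter().println(
        "role=" + readFromSession(request) + ", theme=" + readFromCookie(request));
  }
}
```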

See Also:
Manage sessions closely
© 2014 Hirondelle Systems
Individual code snippets can be used under this BSD license - Last updated on September 21, 2013.