[FASTCGI] Cookie processing in Fast CGI

Jay Sprenkle jsprenkle at gmail.com
Thu Dec 10 15:24:46 EST 2009


I'd like to see what you've written if you want to share it.

When deciding on authentication methods you might look into 'cookie theft' .
When doing connection based authentication using cookies on older browsers
it makes it pretty difficult to ensure malicious people are kept out. I
couldn't come up with a way to do it other than just making the
authentication token expire so quickly that even if they got the cookie by
the time they tried to use it the id would have expired.


On Thu, Dec 10, 2009 at 1:54 PM, Tom Bowden <charles_thomas at mac.com> wrote:

> - when it comes to the cookie jar (CookieContainer class) functionality, I
> usually use a JSON structure/library - and have written/acquired json
> objects in everything (C, C++, postgres, javascript (duh), and php).   Since
> this is C++, and because I would get warm fuzzies if others can actually use
> it -- any problems with my favorite package  (jsoncpp --
> http://jsoncpp.sourceforge.net) ?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.pins.net/mailman/private.cgi/fastcgi-developers/attachments/20091210/e0b1f085/attachment-0001.html>


More information about the FastCGI-developers mailing list