search for: cookie_sess

Displaying 2 results from an estimated 2 matches for "cookie_sess".

Did you mean: cookie_sent
2008 May 21
32
Rack, Camping 2.0++
.... Cookie Sessions as default === What do you think about using Cookie Sessions instead of database-based by default (in camping/sessions.rb)? It''s much lighter and makes it simpler to create apps without database. It also helps making Camping ORM-agnostic. I''ve fixed this in the cookie_session-branch (requires Rack) available at http://github.com/judofyr/camping/commits/cookie_session (highly based on Jenna''s work) === 4. Renaming camping-unabridged.rb to camping.rb? === I haven''t touched camping.rb at all, do we really need to prove that it''s a micro-fram...
2007 Mar 30
7
Some additional attacks on Cookie Session
Aside from the replay attacks discussed, there are some other attack vectors on the cookie_session store. I appreciate (and admire!) Jeremy''s good humor on all of this: > Planting the seed here led to quick ripening and plenty of pesticide. > Thanks for the fish, all. > > jeremy Anyway, here''s what we came up with: 1. Brute Force SHA512 can be computed _very_...