Displaying 1 result from an estimated 1 matches for "session_secur".
Did you mean:
session_secure
2005 Mar 05
4
''Session id'' hacking?
> Because you mentioned "cookie-hacking": it is very easy to
> take over a rails-session if you know the value of the
> session-cookie. It is not possible to prevent that easily,
> you can just make it harder by encrypting the whole session
> (right from the beginning when the user enters the site,
> and the cookie is created) by using https.
https will encrypted