Lädt...


🔧 Session vs Cookie


Nachrichtenbereich: 🔧 Programmierung
🔗 Quelle: dev.to

Sessions and cookies are both used to store information about users, but they have different characteristics and purposes:

Cookie:

  • Where it's stored: On the user's browser.
  • Purpose: To remember information about the user, such as login details or preferences, across different browsing sessions.
  • Lifetime: Can persist for a long time, depending on how they are set up (until they expire or are deleted).
  • Use case: Often used for tracking, remembering login status, or storing user preferences.

Example:

When you visit an online store and it remembers your login details or your preferences (like language settings), that's done using cookies.

You might close the browser and come back later, and the website still remembers you because the cookie is still there.

Session:

  • Where it's stored: On the server.
  • Purpose: To keep track of a user's activity while they are visiting a website.
  • Lifetime: Typically lasts only as long as the user's visit to the website. It ends when the user closes the browser or logs out.
  • Use case: Often used for maintaining a user's state and information while they navigate a site, like keeping items in a shopping cart.

Example:

When you add items to a shopping cart on an e-commerce site, that information is stored in a session. If you leave the site or close your browser, the cart might be empty when you return.

The information is kept on the website's server and disappears when you leave or log out.

Session and Cookies Often Work Together:

1. Session Management:

When you visit a website, a session is created on the server to keep track of your activities and data during your visit. This session is identified by a unique session ID. This session ID is sent to the user's browser as a cookie.

2. Using Cookies to Store Session IDs:

  • To link your browser to this session on the server, the server typically sends a cookie to your browser with the session ID.
  • Your browser stores this cookie, and every time you make a request to the server (like clicking a link or submitting a form), it sends the cookie back to the server.
  • This way, the server knows which session belongs to you and can provide the correct data and experience.

3. Persistence Across Visits:

Even though sessions are temporary, cookies can allow for persistence across visits.

For example, if you log in and select "Remember Me," the site might use a cookie to store your login status so you don’t have to log in again on future visits.

...

📰 Flask-Session-Cookie-Manager - Flask Session Cookie Decoder/Encoder


📈 34.8 Punkte
📰 IT Security Nachrichten

🕵️ CVE-2023-32725 | Zabbix up to 6.0.21/6.4.6/7.0.0alpha3 Session Cookie cookie validation


📈 26.63 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-1655 | Red Hat OpenStack Session Cookie cookie httponly flag


📈 26.63 Punkte
🕵️ Sicherheitslücken

🕵️ SimplePHPscripts News Script PHP Pro 2.3 Session Cookie cookie without 'httponly' flag


📈 26.63 Punkte
🕵️ Sicherheitslücken

🕵️ Pi-Hole up to 5.0/5.1/5.1.1 Session Cookie session fixiation


📈 25.57 Punkte
🕵️ Sicherheitslücken

🕵️ REST Client for Ruby up to 1.7.x Session Cookie Session Fixation weak authentication


📈 25.57 Punkte
🕵️ Sicherheitslücken

🕵️ REST Client for Ruby bis 1.7.x Session Cookie Session Fixation schwache Authentisierung


📈 25.57 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2022-2888 | OctoPrint Session Cookie session expiration


📈 25.57 Punkte
🕵️ Sicherheitslücken

🕵️ CubeCart up to 6.4.2 Session Cookie session fixiation


📈 25.57 Punkte
🕵️ Sicherheitslücken

🐧 I got the cinemon session cinemon x Session cinemon session cinemon error


📈 24.51 Punkte
🐧 Linux Tipps

🕵️ aio-libs aiohttp-session Session Session Fixation weak authentication


📈 24.51 Punkte
🕵️ Sicherheitslücken

🕵️ aio-libs aiohttp-session Session Session Fixation schwache Authentisierung


📈 24.51 Punkte
🕵️ Sicherheitslücken

🕵️ PHP bis 5.6.24/7.0.9 Session Name Handler ext/session/session.c erweiterte Rechte


📈 24.51 Punkte
🕵️ Sicherheitslücken

🕵️ PHP bis 5.6.24/7.0.9 Session Name Handler ext/session/session.c erweiterte Rechte


📈 24.51 Punkte
🕵️ Sicherheitslücken

🕵️ PrestaShop bis 1.6.1.19/1.7.3.3 Cookie Encryption Cookie.php schwache Verschlüsselung


📈 18.46 Punkte
🕵️ Sicherheitslücken

🔧 How to use Cookie Consent in a React App with react-cookie-consent


📈 18.46 Punkte
🔧 Programmierung

🕵️ D-Link DNR-326 bis 2.10 Build 02 Cookie check_login cookie schwache Authentisierung


📈 18.46 Punkte
🕵️ Sicherheitslücken

🕵️ CVE-2023-4055 | Mozilla Firefox up to 115.9 Cookie document.cookie state issue (DLA 3521-1)


📈 18.46 Punkte
🕵️ Sicherheitslücken

💾 MAXA Cookie Manager - Cookie-Verwaltung


📈 18.46 Punkte
💾 Downloads

🔧 Laravel Cookie Consent (EU Cookie Law)


📈 18.46 Punkte
🔧 Programmierung

💾 MAXA Cookie Manager - Cookie-Verwaltung


📈 18.46 Punkte
💾 Downloads

🔧 [JS/TS] Cookie Muncher - Effortless cookie management


📈 18.46 Punkte
🔧 Programmierung

📰 Total Cookie Protection: Firefox rollt Cookie-Isolation für alle Nutzer aus


📈 18.46 Punkte
📰 IT Nachrichten

🕵️ Dancer Perl 1.3111 Dancer.pm lib/Dancer/Cookie.pm cookie/cookies input validation


📈 18.46 Punkte
🕵️ Sicherheitslücken

🕵️ Synology Router Manager up to 1.2.4 Set-Cookie Header cookie without 'httponly' flag


📈 18.46 Punkte
🕵️ Sicherheitslücken

🕵️ October CMS up to 1.0.467 Cookie cookie validation


📈 18.46 Punkte
🕵️ Sicherheitslücken

🕵️ SAP Disclosure Management 10.1 Cookie httponly cookie without 'httponly' flag


📈 18.46 Punkte
🕵️ Sicherheitslücken

matomo