Stack Overflow
Stack Overflow

Questions tagged [session-cookies]

Session cookies enable a server and a browser to establish an identified connection (through cookies) and communicate though it.

Session cookies are temporary files that exist for a particular user for a pre-defined duration. Once this duration is expired, the session cookies are erased.

Session cookies allow a website to keep a state or memory of the visitor as they navigate between pages of the website.

4816 questions
11
votes
2 answers

ANDROID : Share session between Webview and httpclient

I have actually a logged session in my WebView. But I use also httpclient to send and get data from the web. I saw on the internet that it's impossible to get the content of a WebView, so I needed to use my httpclient to get data from a webservice.…
Dahevos
  • 1,495
  • 5
  • 16
  • 26
11
votes
1 answer

Database session support in nodejs/express

Does expressjs/nodejs have support (via a module?) for database sessions? I come from the world of PHP/CodeIgniter and I've enjoyed the features of storing session data in a mysql database table. Is this approach used with nodejs web apps?
Casey Flynn
  • 13,654
  • 23
  • 103
  • 194
10
votes
3 answers

JBoss 7.0.1 running without jsessionid in the URL is not working

Because of some security reasons I deceided to disable session tracking by jsessionid in URL. Before I changed my web.xml to the one below, I had on the first time I visited the page a jsessionid in the url, after clicking the first link, it never…
Joergi
  • 1,527
  • 3
  • 39
  • 82
10
votes
4 answers

Checking if user has changed cookie value, manually

I am busy with a login system for my project. Just for an extra step to the security.. How can I check/detect if a user has manually changed a cookie value? Is there some easy way of doing this? Or do I have to set an extra Session variable and…
Marc Uberstein
  • 12,501
  • 3
  • 44
  • 72
10
votes
1 answer

Get Session expiration time in Zend Framework

Is there a way in Zend Framework or PHP to get the time until the Session(PHPSESSID cookie) expires?
fsteinbauer
  • 161
  • 1
  • 1
  • 13
10
votes
2 answers

choose between asp identity claims and sessions data

I am trying to make a choice between storing user specific data in my MVC application either as identity claims or as session data to reduce the number and frequency of database round trips on requests. However, considering performance, security and…
Josh
  • 1,660
  • 5
  • 33
  • 55
10
votes
1 answer

using retrofit with Cookie persistence

I guys, I'm using retrofit and I wonder how to transparently handle the session cookie. For that I extend the given ApacheClient and use a CookieStore in the custom call to ApacheClient.execute(HttpClient, HttpUriRequest) : Client client = new…
avianey
  • 5,545
  • 3
  • 37
  • 60
10
votes
7 answers

Fully disable cookies in Laravel 4 API

I am using Laravel to build a RESTful API. I use Basic HTTP Auth (Authenticate header), with this filter: Route::filter('auth', function() { $credentials = ['email' => Request::getUser(), 'password' => Request::getPassword()]; if…
Iso
  • 3,148
  • 23
  • 31
10
votes
2 answers

How long does a session cookie last? When should I reauthenticate?

How long can I use a session cookie? I have a client application where I authenticated to a SharePoint site and I am using the cookies for navigating through the subsites. I am saving the cookie and reusing the headers to login to the site at a…
rogerstone
  • 7,541
  • 11
  • 53
  • 62
10
votes
1 answer

Flask session forgets entry between requests

I'm using the latest Flask/Werkzeug (Flask 0.9) client-side sessions to persist information between requests. The session is not set to be persistent (as I'm fine with the cookie being deleted when the browser is closed). My problem is as follows: I…
RJH
  • 321
  • 2
  • 8
10
votes
2 answers

Sessions Across Subdomains in Express

I'm using the vhost feature in Express with Node to manage multiple subdomains for my app. The app uses the same session secret and key, and I believe I've used the correct session cookie settings: cookie: { path : '/', …
dshipper
  • 3,489
  • 4
  • 30
  • 41
10
votes
2 answers

Stay Logged In Best Practices: How does a username in the cookie make it more secure?

This is a branch of another question: What is the best way to implement "remember me" for a website? The top answer is to implement this: http://jaspan.com/improved_persistent_login_cookie_best_practice A summary: Use a random number as a Series…
Chris Moschini
  • 36,764
  • 19
  • 160
  • 190
10
votes
1 answer

PhoneGap session (cookies) on iOS

On server we have a set of JSON APIs. There's a login method that authenticates the user and creates user session. Subsequent calls to other methods on the API assume that the user is authenticated. On client side we have PhoneGap and jQuery…
emirc
  • 1,948
  • 1
  • 23
  • 38
9
votes
4 answers

How to keep a PHP session active even if the browser is closed?

How can I keep the user's session active, even if they accidentally closed their browser. Like in Facebook for example. If you log in to their site and you close the tab or the browser, when you open a browser again and visits Facebook, they will…
freeloader
  • 336
  • 2
  • 6
  • 18
9
votes
2 answers

asp.net secure cookies

I want to secure my cookies, i read about "HTTPOnly" and "Secure" cookie flags for the ASP.NET_SessionId cookie. I create new asp.net project in VS. And in fiddler in Inspectors -> raw i have: Cookie: DXCurrentThemeMVC=Office2010Black;…
Andriy Khrystyanovich
  • 1,422
  • 3
  • 19
  • 38
1 2 3
99 100