Office 2010 Toolkit and EZ-Activator 2.2.4 .
office 2010 toolkit and ez-activator 2.2.4
External links
Category:Activation (computer security)
Category:Windows-only freewareQ:
When to use specific session cookie?
I have few questions. I am making a web application. My question is, when I want to store different data to the users, should I use one session cookie for that or multiple? For example, I want to store their user type and user group and I have to check for those in each page. Is it better to use only one session cookie or many?
A:
There's no "one size fits all". It depends on your application.
There are pros and cons to both. For example:
Storing all your data in a single session cookie saves you 1 HTTP call (which typically translates to a roundtrip delay). The pros for this are that it keeps your application design simple and easy to maintain. It also means that the data is available to all users of the application at all times, even if they are not currently using your application.
Storing all your data in a single session cookie also means that you're storing a bunch of state in a single cookie. This means that you have to send the cookie on every request. This can be a large overhead if you have lots of requests. If that cookie is on a shared server, there will be at least some downtime every time you make a request.
Storing all your data in a single session cookie means that all your data is stored on one server. If you're worried about attacks on a shared server, storing all the data on a single server could be a problem. That's especially true if that cookie isn't encrypted or has a very short expiration time.
Storing all your data in a single session cookie means that any cookies that are set (like the CSRF cookie) are stored in a single cookie. Having a CSRF cookie that's in a separate cookie (or a separate domain) can give you some benefits when it comes to session fixation attacks.
The cons of storing all your data in a single session cookie are that
It complicates your application design. If you need to be359ba680
Related links:
Comments