[FASTCGI] Cookie processing in Fast CGI

Tom Bowden charles_thomas at mac.com
Thu Dec 10 15:45:17 EST 2009


On Dec 10, 2009, at 2:24 PM, Jay Sprenkle wrote:

> I'd like to see what you've written if you want to share it.
> When deciding on authentication methods you might look into 'cookie  
> theft' . When doing connection based authentication using cookies  
> on older browsers it makes it pretty difficult to ensure malicious  
> people are kept out. I couldn't come up with a way to do it other  
> than just making the authentication token expire so quickly that  
> even if they got the cookie by the time they tried to use it the id  
> would have expired.
> On Thu, Dec 10, 2009 at 1:54 PM, Tom Bowden  
> <charles_thomas at mac.com> wrote:
> - when it comes to the cookie jar (CookieContainer class)  
> functionality, I usually use a JSON structure/library - and have  
> written/acquired json objects in everything (C, C++, postgres,  
> javascript (duh), and php).   Since this is C++, and because I  
> would get warm fuzzies if others can actually use it -- any  
> problems with my favorite package  (jsoncpp -- http:// 
> jsoncpp.sourceforge.net) ?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.pins.net/mailman/private.cgi/fastcgi-developers/attachments/20091210/588d0652/attachment.html>

More information about the FastCGI-developers mailing list