[ciapug] Securing session variables
Chris Hettinger
ciapug@cialug.org
Tue, 18 Nov 2003 09:24:56 -0600
The application that I am writing deals with the input of patient
information. I don't pass much at all in session variables, except a
couple ID's. Really I was not sure how 'secure' session variables are
from being seen, hence my question.
Just trying to cover my end.
-----Original Message-----
From: ciapug-admin@cialug.org [mailto:ciapug-admin@cialug.org]On Behalf
Of Lathrop Preston
Sent: Tuesday, November 18, 2003 8:51 AM
To: ciapug@cialug.org
Subject: Re: [ciapug] Securing session variables
I am not exactly certain what you are trying to accomplish here with
this.
could you explain the need for this security.
Lathrop
Chris Hettinger wrote:
> What are your suggestions in regards to securing session variables in
web site applications?
>=20
> I am currently working on a project in which I am using session
variable to store some key identifiers so the next page(s) can use them.
I am wondering if I could do anything to secure these variables between
page transitions.
>=20
> Could I encode them in some way on page X, before redirecting to page
Y. Then having something decode it on page Y so it can be used ??
>=20
> -Chris Hettinger, Web Specialist
> -IFMC/ENCOMPASS
> -www.encompas.com
> -(515) 279-8730
>=20
>=20
>=20
> CONFIDENTIALITY NOTICE: This communication, including any attachment,
may contain confidential information and is intended only for the
individual or entity to whom it is addressed. Any review,
dissemination, or copying of this communication by anyone other than the
intended recipient is strictly prohibited. If you are not the intended
recipient, please contact the sender by reply email, delete and destroy
all copies of the original message.'
>=20
> _______________________________________________
> ciapug mailing list
> ciapug@cialug.org
> http://cialug.org/mailman/listinfo/ciapug
_______________________________________________
ciapug mailing list
ciapug@cialug.org
http://cialug.org/mailman/listinfo/ciapug
CONFIDENTIALITY NOTICE: This communication, including any attachment, =
may contain confidential information and is intended only for the =
individual or entity to whom it is addressed. Any review, =
dissemination, or copying of this communication by anyone other than the =
intended recipient is strictly prohibited. If you are not the intended =
recipient, please contact the sender by reply email, delete and destroy =
all copies of the original message.'