[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-devel] [patch #9576] Adding authorization cookie management
From: |
Giuseppe Modugno |
Subject: |
[lwip-devel] [patch #9576] Adding authorization cookie management |
Date: |
Thu, 1 Mar 2018 06:14:37 -0500 (EST) |
User-agent: |
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36 |
Follow-up Comment #7, patch #9576 (project lwip):
> Create a single-page web application.
And this is a limitation.
> Protected data is pulled from the server using javascript, request URI must
contain ?user=---&pass=---
I know cookies and base64 encoding aren't security technologies, but they are
more "hidden" than a query string. One dummy hacker understand immediately
that you are *continuously* sending password to the server and have more
possibilities to crack the system.
> , so the server is able to check credentials and grant or deny the request.
Username and password validity in login form can be checked in a similar
manner. Credentials can be stored in browser's local storage.
> All of this can work with vanilla httpd.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/patch/?9576>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/
- [lwip-devel] [patch #9576] Adding authorization cookie management, Giuseppe Modugno, 2018/03/01
- [lwip-devel] [patch #9576] Adding authorization cookie management, Giuseppe Modugno, 2018/03/01
- [lwip-devel] [patch #9576] Adding authorization cookie management, Mike Kleshov, 2018/03/01
- [lwip-devel] [patch #9576] Adding authorization cookie management, Giuseppe Modugno, 2018/03/01
- [lwip-devel] [patch #9576] Adding authorization cookie management,
Giuseppe Modugno <=
- [lwip-devel] [patch #9576] Adding authorization cookie management, Mike Kleshov, 2018/03/01
- [lwip-devel] [patch #9576] Adding authorization cookie management, Giuseppe Modugno, 2018/03/02
- [lwip-devel] [patch #9576] Adding authorization cookie management, Mike Kleshov, 2018/03/02
- [lwip-devel] [patch #9576] Adding authorization cookie management, Simon Goldschmidt, 2018/03/02
- [lwip-devel] [patch #9576] Adding authorization cookie management, Giuseppe Modugno, 2018/03/13
- [lwip-devel] [patch #9576] Adding authorization cookie management, Mike Kleshov, 2018/03/13