just.a.guy
01-14-2012, 07:16 PM
Hi,
I was told to use property "session.cookie_httponly".
I read up on it.
I can see how it will help session security.
My question: Does doing this eliminate the use
of cookies for other user profile information?
In other word:
Is the session cookie different from other application
cookies? And can a response include more that one
cookie?
Can you receive both a session cookie and an application
cookie at the same time? or does using session cookies
prevent the use of other cookie?
Thanks for your support.
I was told to use property "session.cookie_httponly".
I read up on it.
I can see how it will help session security.
My question: Does doing this eliminate the use
of cookies for other user profile information?
In other word:
Is the session cookie different from other application
cookies? And can a response include more that one
cookie?
Can you receive both a session cookie and an application
cookie at the same time? or does using session cookies
prevent the use of other cookie?
Thanks for your support.