7 HTTP session management

This chapter covers

  • Understanding HTTP cookies
  • Configuring HTTP sessions in Django
  • Choosing an HTTP session-state persistence strategy
  • Preventing remote code-execution attacks and replay attacks

In the previous chapter, you learned about TLS. In this chapter, you’ll build on top of that knowledge, literally. You’ll learn how HTTP sessions are implemented with cookies. You’ll also learn how to configure HTTP sessions in Django. Along the way, I’ll show you how to safely implement session-state persistence. Finally, you’ll learn how to identify and resist remote code-execution attacks and replay attacks.

7.1 What are HTTP sessions?

HTTP sessions are a necessity for all but the most trivial web applications. Web applications ...

Get Full Stack Python Security now with the O’Reilly learning platform.