Session-Only Data

For data that needs to persist only as long as the user is actively interacting with your application, the only major consideration is whether the data is sensitive. For data that can risk exposure over the Internet, you can choose between storing it on the client and storing it on the server. A cookie is an example of storing the data on the client, and a database used as a session data store is an example of storing the data on the server. Sensitive data should be exposed over the Internet as little as possible, so store it on the server rather than have the client keep track of it.
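The contrast described above, as an added example that is not from the book: the client-side function puts every value in the `Set-Cookie` header, while the server-side one sends only an opaque identifier. The in-memory dictionary standing in for the database, the `session_id` cookie name, the function names and the sample values are all assumptions made for this illustration.

```python
import secrets
from http.cookies import SimpleCookie

# Stand-in for the database session store (assumption: a real one is persistent).
SESSION_STORE = {}

def client_side_cookie(data):
    """Client-side storage: each value itself travels in a Set-Cookie header."""
    cookie = SimpleCookie()
    for name, value in data.items():
        cookie[name] = value
    return cookie

def server_side_session(data):
    """Server-side storage: only a random identifier is sent to the client."""
    session_id = secrets.token_urlsafe(32)   # unguessable key into the store
    SESSION_STORE[session_id] = dict(data)   # the data never leaves the server
    cookie = SimpleCookie()
    cookie["session_id"] = session_id
    # No Expires or Max-Age is set, so the browser treats this as a session
    # cookie and discards it when the browsing session ends.
    cookie["session_id"]["path"] = "/"
    cookie["session_id"]["httponly"] = True  # not readable from page scripts
    cookie["session_id"]["secure"] = True    # sent over HTTPS only
    return cookie

def load_session(cookie_header):
    """Map a request's Cookie header back to the server-held data, or None."""
    cookie = SimpleCookie()
    cookie.load(cookie_header)
    morsel = cookie.get("session_id")
    if morsel is None:
        return None
    return SESSION_STORE.get(morsel.value)   # unknown identifiers yield None

if __name__ == "__main__":
    # Constructed sample data; the account number is a placeholder.
    sample = {"theme": "dark", "account_number": "CONSTRUCTED-0001"}
    print(client_side_cookie(sample).output())   # account number on the wire
    print(server_side_session(sample).output())  # identifier only
```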

When I refer to storing the data on the client, I am referring ...
