Skip to Content
Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses, Second Edition
book

Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses, Second Edition

by Chris Snyder, Michael Southwell, Thomas Myer
December 2010
Intermediate to advanced
363 pages
12h 21m
English
Apress
Content preview from Pro PHP Security: From Application Security Principles to the Implementation of XSS Defenses, Second Edition

C H A P T E R  7

images

Preventing Session Hijacking

In Chapter 6, we complete our discussion of keeping your PHP scripts secure; here we discuss the final threat to the safety of your users' data: session hijacking.

The concept of persistent sessions was originally developed by Netscape in 1994 as part of an effort to make Internet connections more secure. That effort culminated in creation of the Secure Sockets Layer (SSL) protocol, which we will discuss at length in Chapter 16. However, in this chapter our interest is not (as it is there) in the security aspects of SSL but rather in the concept of persistent sessions, how they are potentially vulnerable ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Essential PHP Security

Essential PHP Security

Chris Shiflett
Securing PHP Apps
Preventing Web Attacks with Apache
What's New in Apache Web Server 2.2?

Publisher Resources

ISBN: 9781430233183Purchase book