Secure Development for Mobile Apps

by J. D. Glaser
October 2014
Content level: Intermediate to advanced
472 pages
10h 44m
English
Auerbach Publications
Content preview from Secure Development for Mobile Apps
Secure Session Storage
is:value name, pipe, value type, colon, value, followed last by a semicolon, ending the
current variable definition and beginning the next variable.
A session files directory must be located outside of the web root for security reasons.
It should never be directly readable via HTML request. If the files can be read, then
account information can be leaked. If the sessions directory can be publicly listed,
then all the session IDs are exposed. Placing one of those IDs in a cookie and making
a request restores the session to that request, leaking session account information.
Therefore it is important to protect both the IDs of the files, as well as the data stored
within the files.
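
The placement rule above can be checked mechanically on a deployed host. The following Python audit is an added example, not code from the book; the function name, the finding labels and the permission rule (on a POSIX host, only the application's own account may access session files) are assumptions made here.

```python
import os
import stat
import tempfile
from pathlib import Path

OPEN_BITS = stat.S_IRWXG | stat.S_IRWXO  # any group or other access

def audit_session_dir(session_dir, web_root):
    """Return findings for a session directory; an empty list means it passes."""
    sess = Path(session_dir).resolve()   # resolve() follows symlinks
    root = Path(web_root).resolve()
    findings = []

    # 1. The directory must not be the web root or anywhere beneath it.
    if sess == root or root in sess.parents:
        findings.append("inside-web-root")

    # 2. A symlink inside the web root that leads to the session directory
    #    (or to one of its parents) makes it reachable by URL all the same.
    for dirpath, dirnames, _files in os.walk(root, followlinks=False):
        for name in dirnames:
            link = Path(dirpath) / name
            if link.is_symlink():
                target = link.resolve()
                if target == sess or target in sess.parents:
                    findings.append(f"symlink-exposes:{link.name}")

    # 3. Assumption: only the application's own account needs access.
    if stat.S_IMODE(sess.stat().st_mode) & OPEN_BITS:
        findings.append("dir-open-to-group-or-other")
    for entry in sess.iterdir():
        if entry.is_file() and stat.S_IMODE(entry.stat().st_mode) & OPEN_BITS:
            findings.append(f"file-open-to-group-or-other:{entry.name}")
    return findings

if __name__ == "__main__":
    # Constructed layout: sessions beneath the web root (bad) and beside it (good).
    with tempfile.TemporaryDirectory() as tmp:
        web = Path(tmp, "public"); bad = web / "sessions"; good = Path(tmp, "sessions")
        for d in (web, bad, good):
            d.mkdir(); d.chmod(0o700)
        print("bad :", audit_session_dir(bad, web))
        print("good:", audit_session_dir(good, web))
```
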
The current session ID is retrieved by cal ...
Publisher Resources

ISBN: 9781482209037