aj123cd Posted April 2, 2012 Share Posted April 2, 2012 Stop using JS to steal session id, I thought of using the following code, can anyone advise is it good practice? Ini_set(‘session.cookie_httponly’, true); Quote Link to comment https://forums.phpfreaks.com/topic/260191-session-hijacking/ Share on other sites More sharing options...
aj123cd Posted April 2, 2012 Author Share Posted April 2, 2012 can any one advice me? Quote Link to comment https://forums.phpfreaks.com/topic/260191-session-hijacking/#findComment-1333655 Share on other sites More sharing options...
floridaflatlander Posted April 2, 2012 Share Posted April 2, 2012 Someone posted this info before http://phpsec.org/projects/guide/4.html Quote Link to comment https://forums.phpfreaks.com/topic/260191-session-hijacking/#findComment-1333663 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.