by bensedat
4819 days ago
Frameworks like Rails or Django offer options to encrypt or sign session cookies, but any other cookies are often left up to the developer to take care of. The HttpOnly and Secure flags are important to remember as well because otherwise a man-in-the-middle or rogue JS can modify them.
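An added example, not part of the comment above and not Rails or Django code: signing a non-session cookie with HMAC-SHA256 and setting the HttpOnly and Secure flags using only Python's standard library. The key, the cookie name `plan` and the helper names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from http.cookies import SimpleCookie

# Constructed demo key (assumption); a real application loads it from secret storage.
SECRET_KEY = b"constructed-demo-key-not-for-production"


def _mac(name: str, value: str) -> str:
    # Bind the MAC to the cookie name so a signed value cannot be
    # replayed under a different cookie name.
    msg = name.encode() + b"=" + value.encode()
    digest = hmac.new(SECRET_KEY, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode().rstrip("=")


def build_set_cookie(name: str, value: str) -> str:
    """Return a Set-Cookie header value for a signed, flagged cookie."""
    cookie = SimpleCookie()
    cookie[name] = f"{value}.{_mac(name, value)}"
    cookie[name]["httponly"] = True   # not readable from document.cookie
    cookie[name]["secure"] = True     # only sent over HTTPS
    cookie[name]["samesite"] = "Lax"
    cookie[name]["path"] = "/"
    return cookie[name].OutputString()


def read_signed_cookie(cookie_header: str, name: str):
    """Return the verified value, or None if missing or tampered with."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    if name not in jar:
        return None
    value, sep, tag = jar[name].value.rpartition(".")
    if not sep:
        return None  # no signature attached at all
    # Constant-time comparison avoids leaking how much of the tag matched.
    if not hmac.compare_digest(tag.encode(), _mac(name, value).encode()):
        return None
    return value
```

Signing gives integrity only: the value is still readable by the client, so anything confidential needs encryption or server-side storage instead.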