Y
Hacker News
new
|
ask
|
show
|
jobs
by
ExpiredLink
4669 days ago
A browser cookie isn't a replacement for server-side sessions. You cannot store sensitive data (e.g. safety related information) in a browser cookie.
1 comments
gnaritas
4669 days ago
As long as you encrypt it, sure you can. It's no different than storing the session pointer in the cookie.
link
oceanstone
4669 days ago
Though, with every HTTP request, the client will be uploading the entire cookie. This could manifest as degraded responsiveness, especially for mobile devices.
link
gnaritas
4669 days ago
That's the trade you make when using cookies. Nothing new there.
link
ExpiredLink
4668 days ago
Encrypted cookies? Just what hackers have been waiting for.
link