简体繁体中英

Hide PHP Session ID from URL and COOKIE

原文 2014-10-02 02:13:36 9 1 php/ session/ xss/ session-cookies/ csrf

I would like to hide the PHPSESSID from the Cookies and also prevent it from being used in the URL as well. My purpose for this is to avoid hacking using the PHPSESSID variable. But I would want my PHP to still utilize sessions.

1 answers

There are two ways to achieve this.

.htaccess

php_flag session.use_trans_sid off

php

ini_set('session.use_trans_sid', false);

Removing session Id in a cookie in PHP

PHP Session id cookie spoofing

PHP session id in cookie and storage

PHP CURL get session_id from cookie authentication api

Hide id from url

PHP Session ID uniqueness (for use in a cookie)

Reset cookie life and session Id in PHP

PHP cUrl and cookie GX_SESSION_ID

PHP Using a Session cookie ID set by 3rd party server/URL

Hide or alter id in url in php

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Removing session Id in a cookie in PHP PHP Session id cookie spoofing PHP session id in cookie and storage PHP CURL get session_id from cookie authentication api Hide id from url PHP Session ID uniqueness (for use in a cookie) Reset cookie life and session Id in PHP PHP cUrl and cookie GX_SESSION_ID PHP Using a Session cookie ID set by 3rd party server/URL Hide or alter id in url in php

Related Tags

Hide PHP Session ID from URL and COOKIE

Question

1 answers

solution1 -1 2014-10-02 02:18:18

solution1
-1 2014-10-02 02:18:18