What is the difference (as far as security goes) between using a cookie and a hidden field? Are hidden fields cached if we are using SSL? I think not.
If I use a GUID as a session ID in my database and store the GUID in a
hidden field and the user sees the GUID in some GET parameters, is this of
any consequence?
Someone recommend that I don't persist cookies. How do I not persist
cookies?
Thanks,
Siegfried
