From: "Siegfried Heintze" <[EMAIL PROTECTED]>
> What is the difference (as far as security goes) between using a cookie
and
> a hidden field? Are hidden fields cached if we are using SSL? I think not.
>
>
Both have the same security.
A hidden field is simpler to be viewd by a user, but a cracker
>
> What is the difference (as far as security goes) between using a
cookie and
> a hidden field? Are hidden fields cached if we are using SSL? I think
not.
>
>
None. Both are wide open. SSL simply encrypts the "pipe" between your
server and the client (browser). Everything passing over it, inc
What is the difference (as far as security goes) between using a cookie and
a hidden field? Are hidden fields cached if we are using SSL? I think not.
If I use a GUID as a session ID in my database and store the GUID in a
hidden field and the user sees the GUID in some GET parameters, is this
