When written and set appropriately, a cookie should only be sent to the appropriate web site. However, cookie information is still stored on the user's computer in a plain text format and can be viewed by anyone with access to the local machine.
Never use cookies to store sensitive information such as passwords and credit card information. Make sure that any major operation (such as changing a user's preferences or submitting/accessing credit card details) requires the user to enter their full password.
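The sketch below is an added example, not code from the original article. It keeps only a random session token in the cookie, holds account data on the server, and asks for the full password again before a major operation. The user `alice`, the password, the cookie name `sid` and the function names are all constructed for illustration.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

def _pw_hash(password: str, salt: bytes) -> bytes:
    # Salted, slow hash; the plaintext password is never stored anywhere.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

# Constructed sample account (hypothetical user and password).
_salt = secrets.token_bytes(16)
USERS = {"alice": {"salt": _salt, "pw": _pw_hash("correct horse battery", _salt), "prefs": {}}}
SESSIONS = {}  # server-side only: opaque token -> username

def _password_ok(user: str, password: str) -> bool:
    rec = USERS.get(user)
    return rec is not None and hmac.compare_digest(_pw_hash(password, rec["salt"]), rec["pw"])

def login(user: str, password: str):
    """Return a Set-Cookie value holding only a random token, or None on failure."""
    if not _password_ok(user, password):
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = user
    cookie = SimpleCookie()
    cookie["sid"] = token
    cookie["sid"]["path"] = "/"
    cookie["sid"]["secure"] = True      # sent over HTTPS only
    cookie["sid"]["httponly"] = True    # not readable from page scripts
    cookie["sid"]["samesite"] = "Strict"
    return cookie["sid"].OutputString()

def change_preferences(cookie_header: str, password: str, prefs: dict) -> bool:
    """Major operation: needs a valid session cookie and the full password again."""
    jar = SimpleCookie(cookie_header)
    user = SESSIONS.get(jar["sid"].value) if "sid" in jar else None
    if user is None or not _password_ok(user, password):
        return False
    USERS[user]["prefs"] = prefs
    return True
```

Someone who reads the cookie file on the local machine sees only the token, and the token alone does not pass the password check in `change_preferences`.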
Timothy Boronczyk lives in Syracuse, NY, where he works as an E-Services Coordinator for a local credit union. He has a background in elementary education and over 5 years' experience in web design, and has written tutorials on web design, PHP, Ruby, XML and various other topics. His hobbies include photography and composing music.
DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.