All geek questions in one place

Does cookie caching provide roles?

Will caching the user role in the cookie be a security issue? Can they decrypt the cookie and change their role as Admin? What good is this?

+3
source share
2 answers

Here is one good text:

How serious is this new ASP.NET security vulnerability and how can it be circumvented?

I personally would not store roles in cookies if there were no serious performance issue due to their receipt from the database. It all depends on you, security and performance. If you have a banking or health site, do not cache. If you have an e-commerce store, caching should not be an equally huge issue.

, - . , GetRoles System.Web.

+2

, , .

asp.net , . , , - .

: cookie, . , , , . .

0

Source: https://habr.com/ru/post/1786411/

More articles:


All Articles