Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Any reason to have a session ID within a form?

Tags:

php

asp.net

django

session

is there any reason for me to place the session ID within a form, as a hidden form field?

Thank you everyone!! :)

like image 347
RadiantHex Avatar asked Jan 22 '23 08:01

RadiantHex

2 Answers

This is a part of one of the possible methods for preventing against cross-site request forgery attacks.

It can be used in the Synchronizer Token Pattern.

It can also be used in the "Double-Submit Cookies" method mentioned at the bottom of the page linked to above.

like image 90
David Avatar answered Jan 28 '23 05:01

David

The only reason would be to maintain session state for all users including the ones that have disabled cookies.

like image 43
Andre Goncalves Avatar answered Jan 28 '23 05:01

Andre Goncalves
Sign in to Comment

Related questions

Web CMS Performance: pages/second (Joomla, Drupal, Plone, WP)
PHP: Using simplexml to loop through all levels of an XML file
How do I add a method to an object in PHP?
Find if node has siblings using simplexml
Determine if a string is a valid geographic location
How do you avoid forgetting to increase version number for your project? [closed]
How do I remove 'index.php' from URL in CodeIgniter?
What's a good web framework and/or tool for a software developer? [closed]
Events on PHP. Is it possible?
PHP - smart, error tolerating string comparison
how do I use mysql real escape string?
Drupal Form API and $form_state['storage'] is destroyed on a page refresh
How to prevent SQL Injection attack in applications programmed in Zend Framework?
Methods to achieve first, previous, next and last navigation
Regex - PHP Lookaround
TCPDF grey background for few cells?
PHP Get only a part of the full path
PHPMailer erroring out with Call to undefined method PHPMailer::SetFrom()
How can I include Wordpress posts in a custom PHP file?
SQL IN statement and ordering the results

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!