Stack Overflow
Stack Overflow

Questions tagged [session-cookies]

Session cookies enable a server and a browser to establish an identified connection (through cookies) and communicate though it.

Session cookies are temporary files that exist for a particular user for a pre-defined duration. Once this duration is expired, the session cookies are erased.

Session cookies allow a website to keep a state or memory of the visitor as they navigate between pages of the website.

4816 questions
630
votes
33 answers

Invalidating JSON Web Tokens

For a new node.js project I'm working on, I'm thinking about switching over from a cookie based session approach (by this, I mean, storing an id to a key-value store containing user sessions in a user's browser) to a token-based session approach (no…
funseiki
  • 9,167
  • 9
  • 36
  • 59
419
votes
10 answers

How to use cURL to send Cookies?

I read that sending cookies with cURL works, but not for me. I have a REST endpoint like this: class LoginResource(restful.Resource): def get(self): print(session) if 'USER_TOKEN' in session: return 'OK' …
daydreamer
  • 87,243
  • 191
  • 450
  • 722
192
votes
5 answers

What is the difference between server side cookie and client side cookie?

What is the difference between creating cookies on the server and on the client? Are these called server side cookies and client side cookies? Is there a way to create cookies that can only be read on the server or on the client?
Rahul
  • 2,511
  • 3
  • 20
  • 20
167
votes
22 answers

Laravel - Session store not set on request

I recently created a new Laravel project and was following along the guide on Authentication. When I visit either my login or register route, I get the following error: ErrorException in Request.php line 775: Session store not set on request. (View:…
mattrick
  • 3,580
  • 6
  • 27
  • 43
166
votes
39 answers

PHP session lost after redirect

How do I resolve the problem of losing a session after a redirect in PHP? Recently, I encountered a very common problem of losing session after redirect. And after searching through this website I can still find no solution (although this came the…
dayuloli
  • 16,205
  • 16
  • 71
  • 126
148
votes
5 answers

PHP Session Fixation / Hijacking

I'm trying to understand more about PHP Session Fixation and hijacking and how to prevent these problems. I've been reading the following two articles on Chris Shiflett's website: Session Fixation Session Hijacking However, I'm not sure I'm…
me2
  • 1,481
  • 3
  • 10
  • 3
126
votes
2 answers

How to do stateless (session-less) & cookie-less authentication?

Bob uses a web application in order to achieve something. And: His browser is on diet, therefore it does not support cookies. The web application is a popular one, it deals with a lot of users at a given moment - it has to scale well. As long as…
turdus-merula
  • 8,546
  • 8
  • 38
  • 50
113
votes
2 answers

How does cookie "Secure" flag work?

I know that a cookie with secure flag won't be sent via an unencrypted connection. I wonder how this works in-depth. Who is responsible for determining whether the cookie will be sent or not?
ted
  • 5,219
  • 7
  • 36
  • 63
98
votes
12 answers

How to delete cookies on an ASP.NET website

In my website when the user clicks on the "Logout" button, the Logout.aspx page loads with code Session.Clear(). In ASP.NET/C#, does this clear all cookies? Or is there any other code that needs to be added to remove all of the cookies of my…
Karthik Malla
  • 5,570
  • 12
  • 46
  • 89
95
votes
8 answers

What is the difference between session_unset() and session_destroy() in PHP?

From the php.net documentation: session_destroy — Destroys all data registered to a session session_unset — Free all session variables My three part question is: The two functions seem very similar. What is really the difference between the…
Johan
  • 1,292
  • 1
  • 13
  • 15
86
votes
10 answers

Check if cookies are enabled

I am working on a page that requires javascript and sessions. I already have code to warn the user if javascript is disabled. Now, I want to handle the case where cookies are disabled, as the session id is stored in cookies. I have thought of just a…
steveo225
  • 11,394
  • 16
  • 62
  • 114
86
votes
7 answers

How to secure the ASP.NET_SessionId cookie?

I have set the .ASPXAUTH cookie to be https only but I am not sure how to effectively do the same with the ASP.NET_SessionId. The entire site uses HTTPS so there is no need for the cookie to work with both http and https.
Pete
  • 1,388
  • 2
  • 13
  • 18
81
votes
8 answers

What is the difference between Sessions and Cookies in PHP?

What is the distinction between Sessions and Cookies in PHP?
Harsh
  • 2,078
  • 6
  • 22
  • 37
81
votes
8 answers

How to set expiration date for cookie in AngularJS

We want to store User's Authorization information in cookie which should not be lost upon refresh (F5) of browser. We want to store authorization info in "permanent-cookie" in case user has opted for "Remember Me" check box at the time of log-on.
Anand
  • 4,523
  • 10
  • 47
  • 72
73
votes
6 answers

localStorage vs sessionStorage vs cookies

I am working in an app where I need to keep some data during the user is logged in and I have that question, what is the difference among localStorage, sessionStorage, cookies ??? I was asking what can I use in order to persist some data in the…
Non
  • 8,409
  • 20
  • 71
  • 123
1
2 3
99 100