Irrespective of what type of website you’re making, if authentication is involved, you’ll encounter sessions and cookies. Every website receives multiple requests from multiple different users. The key problem we’re trying to solve here is: How does the web server know which user is sending each request? One option is to send information about the user to the browser just as they log in. The browser will then store this information, and send it along with every subsequent request so that the server knows where it’s coming from. The problem with this is that it isn’t secure. Any other browser (perhaps one that the user logged into previously) could also make a request with this id and compromise the user’s security. It is in our best interest to give as little information about the user to the browser as possible.
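The contrast described above, as an added example that is not part of the original post: a cookie that carries the user's id next to a cookie that carries only a random token the server looks up. The user table, cookie names and function names are assumptions made for the illustration.

```python
import secrets

# Constructed sample data: two accounts on a hypothetical site.
USERS = {"1001": "alice", "1002": "bob"}


def weak_login(user_id):
    """Weak design from the text: the cookie is the user's own id."""
    return {"user_id": user_id}


def weak_whoami(cookies):
    # The server trusts whatever id the browser presents, so any
    # browser that sends a known id is treated as that user.
    return USERS.get(cookies.get("user_id"))


class SessionStore:
    """Server-side table mapping opaque random tokens to user ids."""

    def __init__(self):
        self._sessions = {}

    def login(self, user_id):
        # 32 random bytes: the token says nothing about the user and
        # cannot be worked out from another user's token.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user_id
        return {"session": token}

    def whoami(self, cookies):
        user_id = self._sessions.get(cookies.get("session"))
        return USERS.get(user_id) if user_id else None

    def logout(self, cookies):
        # Deleting the entry invalidates the token everywhere,
        # including a browser the user logged into previously.
        self._sessions.pop(cookies.get("session"), None)
```

With the token design the browser holds no user information at all, and the server can revoke a session without the browser's cooperation.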
The concepts highlighted here should help you understand the fundamentals of common issues and attacks that web applications can face on the internet, and how to fix them.
I wrote this post because resources on this subject are scattered and not explained well enough for newcomers to understand. Making a website that is secure is hard, but extremely important. The concepts that are highlighted in this post are essential for any web developer looking to make robust and secure websites.
Web Security Basics - An Introduction to the Essential Concepts Behind a Secure Website
August 01, 2021

This post is going to teach you everything you need to know about keeping your web application secure.