Is it possible for someone (hacker), to somehow get a hold of the value of a session variable that is active.
1条回答 默认 最新
- dq_609586475 2016-02-06 22:28关注
In the normal course of events, the only information about a session available to the client is the session ID.
For data stored on the server (even if it connected to the session ID) to be visible to the client then you need either:
- To expose it explicitly
- To have a security vulnerability
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报