Heyo! I can tell you obviously aren't a fan of the article.
One thing I would say though: just check out the point of the article. I'm not telling people to do anything insane. I'm trying to encourage people to simplify their apps, their code, and often their security strategy by simply using cookies.
They can both contain the exact same info, transmit the same data (in the same way! via http headers), and provide very little differences in terms of implementation/API.
What I'm suggesting here is simpler, quicker, and more secure than what I've described as the problem.
And... I'm not the only one saying this stuff. OWASP, Thomas Ptacek (a well-known security researcher), and many othersmart people constantly try to dissuade people from doing the things I mention above. This isn't anything obscure that I'm talking about.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Heyo! I can tell you obviously aren't a fan of the article.
One thing I would say though: just check out the point of the article. I'm not telling people to do anything insane. I'm trying to encourage people to simplify their apps, their code, and often their security strategy by simply using cookies.
They can both contain the exact same info, transmit the same data (in the same way! via http headers), and provide very little differences in terms of implementation/API.
What I'm suggesting here is simpler, quicker, and more secure than what I've described as the problem.
And... I'm not the only one saying this stuff. OWASP, Thomas Ptacek (a well-known security researcher), and many other smart people constantly try to dissuade people from doing the things I mention above. This isn't anything obscure that I'm talking about.