https://stackoverflow.com/questions/16133970
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianNo because the key never goes through the network between server and browser. Session variables are stored in memory in the server machine. The attacker can only read the key if he gains access to the machine or if he can read from the machine's memory
Packet Sniffing and Sessions
質問
Let us say that I have a website and that I created a session containing an encryption key. Can a packet sniffer such as Fiddler be able to get the contents of this session, thus compromising the website's security?
解決
所属していません StackOverflow
