With the exponential growth the web has witnessed in the last decade, both in terms of services and technical sophistication, many new technologies have emerged to help developers build better products more efficiently.

As new libraries and frameworks gain momentum and establish themselves as the new de facto standards, experienced and new developers alike will frequently need to revisit “the basics”.

One such example, and the focus of this paper, is the use of sessions to introduce a persistent state over HTTP. Although securing a session can be done with ease, it is not uncommon to find educational material or public forums which fail to explain the importance of using unique and strong session secrets.

Download our paper for more information.
