30 Mar
2006
30 Mar
'06
9:45 a.m.
Chris Withers schrieb: ...
what way? http basic auth is a standard. cookie auth isn't, and it's always insecure no matter how you implement it
they are both equally insecure - while you can make the cookie (as session auth) a little more secure - but after all its worth nothing as long as you dont transfer the credentials initially encrypted :-) ++Tino