More than 3000 questions in repository. There are more than 900 unanswered questions. Click here and help us by providing the answer. Have a video suggestion. Click Correct / Improve and please let us know.
Ans. Session storage can be accessed from XSS (Cross site Scripting) attacks but cookies (if set with "HttpOnly" and "Secure" flags) are more safer against these attacks.
Help us improve. Please let us know the company, where you were asked this question :
Ans. Session Cookie, because session storage can be accessed from XSS (Cross site Scripting) attacks but cookies (if set with "HttpOnly" and "Secure" flags) are more safer against these attacks.
Help us improve. Please let us know the company, where you were asked this question :
Ans. A cookie is a small piece of text stored on a user's computer by the browser for a specific domain. Commonly used for authentication, storing site preferences, and server session identification.
Help us improve. Please let us know the company, where you were asked this question :
Ans. Cookie and Session are used to store the user information. Cookie stores user information on client side and Session does it on server side. Primarily, Cookies and Session are used for authentication, user preferences, and carrying information across multiple requests. Session is meant for the same purpose as the cookie does. Session does it on server side and Cookie does it on client side. One more thing that quite differentiates between Cookie and Session. Cookie is used only for storing the textual information. Session can be used to store both textual information and objects.
Help us improve. Please let us know the company, where you were asked this question :
Ans. Session tracking is a mechanism that servlets use to maintain state about a series requests from the same user across some period of time. The methods used for session tracking are:
User Authentication - occurs when a web server restricts access to some of its resources to only those clients that log in using a recognized username and password
Hidden form fields - fields are added to an HTML form that are not displayed in the client's browser. When the form containing the fields is submitted, the fields are sent back to the server
URL rewriting - every URL that the user clicks on is dynamically modified or rewritten to include extra information. The extra information can be in the form of extra path information, added parameters or some custom, server-specific URL change.
Cookies - a bit of information that is sent by a web server to a browser and which can later be read back from that browser.
HttpSession- places a limit on the number of sessions that can exist in memory.
Help us improve. Please let us know the company, where you were asked this question :
Ans. http protocol on its own is stateless. So it helps in identifying the relationship between multiple stateless request as they come from a single source.
Help us improve. Please let us know the company, where you were asked this question :
Ans. Session info in the request can be intercepted and hence a vulnerability. Cookie can be read and write by respective domain only and make sure that right session information is being passed by the client.
Help us improve. Please let us know the company, where you were asked this question :
LikeDiscussCorrect / Improve j2ee servlets session session management web applications cookies httpsession architecture
More than 3000 questions in repository.
Discuss 
session storage security
Asked in 1 Companies
Try 2 Question(s) Test
basic 
frequent
Which of the following session method is used to disassociate / disconnect all objects from the session
