I am new to web-development. I was reading about session cookies and if what I understood is correct, the server stored the session data and gives the browser an ID which is saved as a cookie till logged out or browser is closed.
But what happens if I edit the ID stored in the cookie to some random ID and if a user exist with that ID,wouldn't I be able to login to that account? Or is there anything more than an ID for verification?
Aucun commentaire:
Enregistrer un commentaire