I am analysing some session variables in an HTTP header, and I noticed that it's composed by 3 blocs: One large bloc (coded in base64) with informations about the session; One little bloc with the time stamp And one last bloc with a SHA1 hash.
So my question is, is the last bloc used to detect the integrity of the session variable ? If so, how does this bloc is calculated ? Is there a standard for its calculation ?
Aucun commentaire:
Enregistrer un commentaire