owltide

History

Hornwitser 1775fac5fd Refactor sessions to frequently rotate In order to minimise the window of opportunity to steal a session, automatically rotate it onto a new session on a frequent basis. This makes a session cookie older than the automatic rollover time less likely to grant access and more likely to be detected. Should a stolen session cookie get rotated while the attacker is using it, the user will be notificed that their session has been taken the next time they open the app if the user re-visits the website before the session is discarded.	2025-07-07 22:50:59 +02:00
..
admin	Refactor sessions to frequently rotate	2025-07-07 22:50:59 +02:00
dev	Refactor sessions to frequently rotate	2025-07-07 22:50:59 +02:00

Hornwitser 1775fac5fd Refactor sessions to frequently rotate

In order to minimise the window of opportunity to steal a session,
automatically rotate it onto a new session on a frequent basis.  This
makes a session cookie older than the automatic rollover time less
likely to grant access and more likely to be detected.

Should a stolen session cookie get rotated while the attacker is using
it, the user will be notificed that their session has been taken the
next time they open the app if the user re-visits the website before the
session is discarded.

2025-07-07 22:50:59 +02:00

admin

Refactor sessions to frequently rotate

2025-07-07 22:50:59 +02:00

dev

Refactor sessions to frequently rotate

2025-07-07 22:50:59 +02:00