how safe is it to use session variables - asp.net / c#

Session state is kept entirely server-side, no matter which storage method you use (in-memory, session state server or database).

So unless your server is hacked, Session variables are safe. And in case your server does get hacked, the hacker would only have access to the data in his own session, unless he finds a way to analyze the IIS process’ memory.

More Related Contents:

Session Variable with if/else statement in Views?
Keeping ASP.NET Session Open / Alive
Web app blocked while processing another web app on sharing same session
How to set session timeout in web.config
Advantages of Cache vs Session
Access HttpContext.Current from different threads
HttpContext.Current.Session is null in Ashx file
What is the best way to determine a session variable is null or empty in C#?
How to delete cookies on an ASP.NET website
How to Kill A Session or Session ID (ASP.NET/C#)
How to share sessions between PHP and ASP.net application?
What is the difference between a Session and a Cookie in ASP.net?
Unable to serialize the session state
C# Clear Session
Can OWIN middleware use the http session?
‘Session’ does not exist in the current context
converting a base 64 string to an image and saving it
Using static variables instead of Application state in ASP.NET
Why AppDomain.CurrentDomain.BaseDirectory not contains “bin” in asp.net app?
Pattern for calling WCF service using async/await
Get text/value from textbox after value/text changed server side
Asp.net core Identity successful login redirecting back to login page
Stop SQL query execution from .net Code
Persist FileUpload Control Value
Decoding all HTML Entities
Datatable to html Table
Mobile Device Detection in asp.net
The entity type ApplicationUser is not part of the model for the current context
Encrypting Web.Config
IIS Request.UserHostAddress returning IPV6 (::1), even when IPV6 disabled

how safe is it to use session variables – asp.net / c#

Leave a Comment Cancel reply