Page 1 of 1
javascript: persistent vars, a only-local cookie?
Posted: Thu Dec 09, 2004 6:55 am
by davips
Hello,
is there any cookie configuration that don't allow the server to see
the data?
Or is there any workaround that holds javascript variables without sending them across the web?

I've used iframes for that, but it's not simple and flexibe enough.
Thanks a lot in advance!

Posted: Thu Dec 09, 2004 6:59 am
by Chris Corbyn
Not too sure what you're trying to acheive here. Why would you not like the server to see the data? Do you need to remember the variable across multiple sessions or just during that particular session in the browser?
security purposes
Posted: Thu Dec 09, 2004 8:26 am
by davips
I crypt the userpassword+serverrandomnumber with md5(javascript implementation) and send the result to the server.
At the first time it's ok, but i need to keep the userpassword in the client
side during the user's navigation and do the test every time without asking to the user the password again.
Actually, the session is: md5(randomnumber + md5(password))
randomnumber -> is received from the server every access
md5(password) -> is necessary to javascript every access
thanks
why don't send to the server
Posted: Thu Dec 09, 2004 8:29 am
by davips
it's not good send the password or the md5(password) to the server for security reasons. if it stays in client side, only the session var will be public