[TYPO3-mvc] encrypd cookies in TYPO3
Helmut Hummel
helmut.hummel at typo3.org
Fri Dec 19 21:26:41 CET 2014
Hey Muriel,
On 19.12.14 16:08, Muriel le Pair wrote:
> Philipp Gampe schreef op 19-12-14 15:30:
>> There are no such functions, because they do not make sense.
I disagree, that it does not make sense to encrypt cookie values.
But indeed there is nothing related to that in TYPO3 core.
> Maybe I'm over paranoid, it's not that I want to store sensitive
> information it's just that I don't want to store any information that
> makes any sense.
It is a good practice to encrypt cookie values. Since there are no
methods for that in TYPO3, just use e.g. mcrypt with a good secret when
storing and retrieving cookie values. I would suggest that you write a
small wrapper class for that yourself.
Kind regards,
Helmut
--
Helmut Hummel
Release Manager TYPO3 6.0
TYPO3 CMS Active Contributor, TYPO3 Security Team Member
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-project-typo3v4mvc
mailing list