Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Assume we have a website that asks the user for his name.
The website then stores this value in a cookie, and on the next page, retrieves it via PHP and uses it somehow (perhaps the page displays the name as text).
Could a user modify the cookie data to inject malicious code? Should cookie data be sanitized as it’s retrieved by the script?
(This is a hypothetical scenario. Obviously a cookie wouldn’t be necessary here.)
Inject malicious code? Not PHP code, but you are right that you should sanitize cookie values before working with them.
Cookies can be easily modified, added and deleted by users and should be treated as untrusted user input. They are just as prone to XSS and SQL injection vunlerabilities as any other user input.
Further, unless you’re using SSL, cookies are just as prone to sniffing as GET or POST data in a request. Malicious internet services can intercept or modify cookies. Also see Firesheep for an example of how cookies can be misused and mistrusted.