I need a url for using that for a template. Now there are two ways of storing the url and use that again in python I guess…
One is using session to store that URL and get it later whenever we need it…
or
Second is using cookies to store that URL and get it later..
So which method is more appropriate in terms of security ?
Is there any other method in python which is more better for storing the url and use that later, which is more secure..?
While using cookies somebody can easily change the information I guess, in sessions also somebody can hijack it and make the changes….
I don’t think “session hijacking” means what you think it means. The only thing someone can do with session hijacking is impersonate a user. The actual session data is stored on the back end (eg in the database), so if you don’t give the user access to that particular data then they can’t change it, whether they’re the actual intended user or someone impersonating that user.
So, the upshot of this is, store it in the session.
Edit after comment Well, you’d better not allow any information to be sent to your server then, and make your website browse-only.
Seriously, I don’t see why “session data” is any less secure than anything else. You are being unreasonably paranoid. If you want to store data, you need to get that data from somewhere, either from a calculation on the server side, or from user submissions. If you can’t calculate this specific URL on the server side, it needs to come from the user. And then you need to store it on the server against the particular user. I don’t see what else you want to do.