Session-Only Data
For data that needs to persist only as long as the user is actively interacting with your application, the only major consideration you need to make is whether the data is sensitive. For data that can risk exposure over the Internet, you can choose between storing the data on the client or storing the data on the server. An example of storing the data on the client is the use of a cookie, and an example of storing the data on the server is the use of a database as a session data store. For sensitive data, you want to expose it over the Internet as little as possible, so you want to store this information on the server rather than have the client keep up with it.
When I refer to storing the data on the client, I am referring ...
Get HTTP Developer’s Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
