did you even try it (or reading the post) before starting bashing around :-P ??? those cookies contains crypted (and signed) data. No user can "read" the contents.
On Tuesday, October 16, 2012 5:59:20 PM UTC+2, VP wrote: > > I think cookie-based sessions is great for many cases. But in some > cases, it might not be desirable as clients can see what might be secret > information. > > Why not both? Maybe, two types of sessions, client-side and server-side > sessions. Although both client and server side sessions are meant to > maintain states, they are appropriate for different things. > --