通过静态对象的静态属性访问 asp.net 会话变量是否安全? [英] Is it safe to access asp.net session variables through static properties of a static object?
本文介绍了通过静态对象的静态属性访问 asp.net 会话变量是否安全?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
通过静态对象的静态属性访问 asp.net 会话变量是否安全?
Is it safe to access asp.net session variables through static properties of a static object?
我的意思是:
public static class SessionHelper
{
public static int Age
{
get
{
return (int)HttpContext.Current.Session["Age"];
}
set
{
HttpContext.Current.Session["Age"] = value;
}
}
public static string Name
{
get
{
return (string)HttpContext.Current.Session["Name"];
}
set
{
HttpContext.Current.Session["Name"] = value;
}
}
}
用户A有没有可能通过这种方式访问用户B的会话数据?
Is it possible that userA could access userB's session data this way?
推荐答案
是的,这样很好 - 只要确保你不要这样做:
Yes, that way is fine - just make sure you don't do this:
public static class SessionHelper
{
private static HttpSession sess = HttpContext.Current.Session;
public static int Age
{
get
{
return (int)sess["Age"];
}
set
{
sess["Age"] = value;
}
}
}
正如我所见,这种方式将一个用户的会话数据显示给另一个用户.(尽管在 ASP.NET 1.1 中)
As ive seen this way show one user's session data to another user. (Albeit in ASP.NET 1.1)
这篇关于通过静态对象的静态属性访问 asp.net 会话变量是否安全?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文