View the step-by-step solution to:

To keep track of a user, a server may include a user's identifier as a hidden and encrypted form field, so that it comes back with every form

To keep track of a user, a server may include a user's identifier as a hidden and encrypted form field, so that it comes back with every form submission. What risk does this entail?


  1. A malicious user modifies the hidden field and submits a request for another user
  2. The user identifier is leaked and can be sniffed
  3. A cross-site request forgery can get hold of the identifier
  4. The identifier can be used in a code injection attack

Top Answer

Sign up to view the full answer

Why Join Course Hero?

Course Hero has all the homework and study help you need to succeed! We’ve got course-specific notes, study guides, and practice tests along with expert tutors.

-

Educational Resources
  • -

    Study Documents

    Find the best study resources around, tagged to your specific courses. Share your own to gain free Course Hero access.

    Browse Documents
  • -

    Question & Answers

    Get one-on-one homework help from our expert tutors—available online 24/7. Ask your own questions or browse existing Q&A threads. Satisfaction guaranteed!

    Ask a Question
Ask a homework question - tutors are online