Answer the question
In order to leave comments, you need to log in
User authentication and registration without cookies?
What is the best way to avoid using cookie authentication on the site?
This is when the user logged into the account, created a cookie, or clicked remember me, also without creating a cookie to remember the user.
Answer the question
In order to leave comments, you need to log in
There are actually two points here:
1. How to store the session on the client
You can store it inside the DOM of the page (for example, as a hidden form parameter), inside a JS variable, or in the browser's LocalStorage. If permanent storage is meant (after closing the page) - then the alternative to cookies is only LocalStorage.
2. How to transfer it to the server.
You can pass it as a request parameter or as a header (if the requests are via Ajax).
But the main question is why do this, because. all of these methods are less secure than HTTP Only cookies, any XSS vulnerability will lead to session hijacking.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question