Almost a year ago, I mentioned JINC: storing JSON IN a Cookie. Today I notice
JSON Cookies, which "uses prototype.js and json.js to store and retrieve JSON data from cookies". Is it finally time for the idea to take off?
yes, with standard caveats
fansipans on 2007-04-19T14:26:11
"JINC" sounds like another great addition to the arsenal of free JavaScript libraries out there. Especially as a way to maintain state on the client side, it sounds badass.
My eyebrows definitely raise though at the general mention of cookies for data storage. Cookies are just as untrustable as any other user input, and should
never be relied on for authentication, authorization, or used to reflect the inner workings of a web site, or
especially to hold any sensitive information.
I was amazed back in my PHP days how many developers and libraries chucked sensitive information with just a sprinkling of base64 into a user's cookie. I've even seen code eval'ed from cookie data
... *
shiver*