markbrown4 — 2010-05-11T01:25:12-04:00 — #1
Can we simply override document.cookie to prevent it being stolen?
crmalibu — 2010-05-11T11:44:15-04:00 — #2
As far as cookies go, read up on the httponly flag. http://www.owasp.org/index.php/HttpOnly