
Penetration testers say that the .ASPXAUTH cookie is insecure and is displaying session data?

开发者 https://www.devze.com 2023-01-08 00:10 Source: Internet

I thought the .ASPXAUTH was for user authentication? Can anyone confirm if this cookie is indeed a security risk and/or contains session information? Is it even supposed to be used or is it some debug thing?


I think you have run into some comments that have to do with Forms Authentication security. You can find more info here: http://visualstudiomagazine.com/articles/2010/09/14/aspnet-security-hack.aspx

What it boils down to is that a clever hacker can discover the machine key used to encrypt the cookies and create their own forged auth cookies.
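An added configuration example (not from the original post or the linked article): the Forms Authentication settings in `web.config` that bear on the risk described in the answer, with a weak fragment beside a hardened one. The login URL, timeout values and key placeholders are assumptions.

```xml
<!-- WEAK (constructed example): the .ASPXAUTH ticket is neither encrypted
     nor validated, is sent over plain HTTP, and stays valid for 30 days. -->
<system.web>
  <authentication mode="Forms">
    <forms name=".ASPXAUTH"
           loginUrl="~/Login.aspx"
           protection="None"
           requireSSL="false"
           timeout="43200"
           slidingExpiration="true" />
  </authentication>
</system.web>

<!-- HARDENED (constructed example) -->
<system.web>
  <authentication mode="Forms">
    <!-- protection="All": the ticket is both encrypted and integrity-checked
         with the machine key. requireSSL: cookie is only sent over HTTPS.
         timeout is in minutes; a short, non-sliding lifetime limits how long
         a stolen or forged ticket remains usable. -->
    <forms name=".ASPXAUTH"
           loginUrl="~/Login.aspx"
           protection="All"
           requireSSL="true"
           cookieless="UseCookies"
           timeout="20"
           slidingExpiration="false" />
  </authentication>

  <!-- Keep application cookies away from client script and plain HTTP. -->
  <httpCookies httpOnlyCookies="true" requireSSL="true" />

  <!-- Anyone who learns these keys can mint valid tickets, so generate them
       randomly per application, keep them out of source control, and replace
       them if exposure is suspected (this invalidates all existing tickets).
       The values below are placeholders, not real keys. -->
  <machineKey validation="HMACSHA256"
              decryption="AES"
              validationKey="PLACEHOLDER_VALIDATION_KEY_HEX"
              decryptionKey="PLACEHOLDER_DECRYPTION_KEY_HEX" />
</system.web>
```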
