Http Basics
Takeaway from http basics always send sensitive data over post (and not get request!) always send a redirect after sucessful login (so the data get’s flushed out of the client memory) always create a new session after sucessful login (Session Fixation) sha256: b98a2764ae1ac790fee3451f8e70f147420578c159d179332b8b29cbd7239e75