class SafeCookie
This class demonstrates an anti-tamper cookie.
Modern browsers make it somewhat difficult for the casual user to damage a cookie,
but since cookies are part of the HTTP request (and nothing in an HTTP request can
be trusted) it is useful to have a strategy to add a measure of trust to cookies.
This class uses a salted md5() string to make a "mirror" of the cookie value. Any
change in the value of the cookie will be detected. In that case the damaged
cookie will be removed and the SafeCookie::get() method will return False. If the
cookie is shown to be intact, the cookie value (minus the salted digest) will be
returned.
The cookie looks like this:
cookieValue|salted_md5_digest
To the left of the pipe is the value of the cookie. To the right of the pipe is
the md5() of the SALTed value.
As long as the SALT string is unknown to the attacker, there is almost no chance
that a tampered cookie will be consumed.
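The value|digest format described above, as an added example that is not the SafeCookie class's own source: it builds and verifies the cookie string with the salted md5() scheme and, beside it, with a keyed HMAC-SHA256, which is the standard construction for keyed integrity checks. The function names, the SALT value, and the order in which the salt and value are concatenated are assumptions of this example; the page does not state them.

```php
<?php
// Added example, not the SafeCookie class's own code.
// Assumption: the digest is md5(SALT . value); the page does not give the order.
const SALT = 'constructed-demo-secret'; // constructed value; the real one stays server-side

// Scheme as described on the page: cookieValue|salted_md5_digest
function seal_md5(string $value): string
{
    return $value . '|' . md5(SALT . $value);
}

// Hardened variant (this example's choice, not the page's): keyed HMAC-SHA256.
function seal_hmac(string $value): string
{
    return $value . '|' . hash_hmac('sha256', $value, SALT);
}

// Returns the cookie value if the digest matches, otherwise false.
function open_cookie(string $cookie, callable $seal)
{
    // Split on the LAST pipe: the value itself may contain '|',
    // while a hex digest never does.
    $pos = strrpos($cookie, '|');
    if ($pos === false) {
        return false; // no digest present at all
    }
    $value = substr($cookie, 0, $pos);

    // Recompute the sealed form from the value and compare in constant time.
    return hash_equals($seal($value), $cookie) ? $value : false;
}

// Constructed sample input.
$intact  = seal_hmac('user=42|theme=dark');
$damaged = str_replace('user=42', 'user=1', $intact); // value edited, digest left as-is

var_dump(open_cookie($intact, 'seal_hmac'));           // intact cookie
var_dump(open_cookie($damaged, 'seal_hmac'));          // tampered value
var_dump(open_cookie('no-digest-here', 'seal_hmac'));  // digest missing
var_dump(open_cookie(seal_md5('a'), 'seal_md5'));      // page's md5 scheme, intact
var_dump(open_cookie(seal_md5('a'), 'seal_hmac'));     // digest from the other scheme
```

Only the first and fourth calls return the value; the others return false, which is the point at which the caller would delete the cookie.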
To see the class in action, install the class script along with the "demo" and
"aux" scripts in the same directory on your web server. Then run the demo script
and try clicking the links to refresh the browser.
On the first execution of the "demo" script the cookie is not yet present, but
it will be set. On the second and subsequent executions of the "demo" script you
will see the cookie being returned over and over again.
To see what happens if the cookie is damaged, click the appropriately labeled
link, then go back and refresh the browser window with the "demo" script. You
will see that the damaged cookie is not returned by SafeCookie::get().