c# - Is it safe to access asp.net session variables through static properties of a static object?

Question

Welcome To Ask or Share your Answers For Others

c# - Is it safe to access asp.net session variables through static properties of a static object?

posted Oct 24, 2021 in Technique[技术] by 深蓝 (71.8m points)

c# - Is it safe to access asp.net session variables through static properties of a static object?

Is it safe to access asp.net session variables through static properties of a static object?

Here is what I mean:

public static class SessionHelper
{
    public static int Age
    {
        get
        {
            return (int)HttpContext.Current.Session["Age"];
        }

        set
        {
            HttpContext.Current.Session["Age"] = value;
        }
    }


    public static string Name
    {
        get
        {
            return (string)HttpContext.Current.Session["Name"];
        }

        set
        {
            HttpContext.Current.Session["Name"] = value;
        }
    }
}

Is it possible that userA could access userB's session data this way?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-23T17:47:40+0000

Yes, that way is fine - just make sure you don't do this:

public static class SessionHelper
{

    private static HttpSession sess = HttpContext.Current.Session;
    public static int Age
    {
        get
        {
            return (int)sess["Age"];
        }

        set
        {
            sess["Age"] = value;
        }
    }
}

As ive seen this way show one user's session data to another user. (Albeit in ASP.NET 1.1)

Categories

c# - Is it safe to access asp.net session variables through static properties of a static object?

c# - Is it safe to access asp.net session variables through static properties of a static object?

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags