search
Page cover
githubEdit

flaskFlask

chevron-rightFlask session cookiehashtag
circle-info

Follows the format: Payload.Timestamp.Signature

Part 1 (Payload)
eyJ1c2VyX2lkIjo1LCJ1c2VybmFtZSI6InRva3lvIn0

  • Decoded: {"user_id": 5, "username": "tokyo"}

  • This is the actual session data.

Part 2 (Timestamp)
aWKOWw

  • This represents the time when the cookie was created.

Part 3 (Signature)
nCRg8rcB70usxtqPXEUgtXmZuEM

  • This is a cryptographic signature used to verify that the data has not been tampered with.

  • Use HMAC with SHA-512 or SHA-256

https://github.com/Paradoxis/Flask-Unsignarrow-up-right

PreviousSquid ProxyNextVulnerabilities

Last updated