在客户端用HTTP cookie或者隐藏表单字段存储会话状态有很大的安全风险——它将应用程序的一部分内部内容暴露给了非受信任的客户层。
Storing session state in the client using HTTP cookies or hidden form fields has significant security risks — it exposes a part of your application internals to the untrusted client layer.
如果您使用证书来对客户端进行身份验证,为了减低这种风险,您应该减少信任存储库中签署者的数量以尽可能减少证书数。
If you are using certificates for client authentication, to reduce this risk, you should reduce the number of signers in the trust store to the minimum number possible.
这些类是具有无等待端的队列,在这里,一个NHRT可以请求读或写某些数据(具体取决于类),而不存在阻塞的风险。
These are queues that have a wait free side where an NHRT can request to read or write some data (depending on the class) without the danger of blocking.
应用推荐