Quiz: Secure Web directories and development, answer No. 3
The correct answer is: False
The value of a hidden
form field can be easily read by anyone viewing the page source. An attacker can look through
Web pages stored in a computer's cache and use or change the value in order to try to fraudulently
access other information. The correct way to handle sensitive information is by using session
variables or a temporary database record.
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.