Mojolicious](http://mojolicious.org) is a web development toolkit and framework for Perl. It is used by quite a few openSUSE projects, such as openQA and Cavil.
It contains session management features that rely on cryptographically signed cookies. While they are still considered reasonably secure, tooling has become available to make attacks much easier. So, for this project we will be looking into the addition of encrypted sessions as an alternative to signed cookies, and for ways to encourage users to use more secure application secrets.
Comments
-
10 months ago by kraih | Reply
Project was successful: https://github.com/mojolicious/mojo/pull/2212
-
9 days ago by jonyjon2121 | Reply
Encrypted sessions in Mojolicious are definitely a step up from just signed cookies, especially with newer tools making attacks easier. Strengthening security like this is as important for frameworks as it is fun for food fans keeping up with weekly cookie drops—if you’re curious, here’s the latest crumble lineup for September 2025
Similar Projects
This project is one of its kind!