genghis
[Security]: Storing list of servers in a cookie might be dangerous
I noticed that the information (username, password, host, port) about every server I add is stored in a cookie.
Some browsers do not limit a cookie to a specific port, so theoretically the software I'm working on with my coworkers (running a clone locally on another port) could be sending the cookies I send to a remote test server and exposing my credentials in `genghis_rb_servers`. While it's usually safe, I think malicious software running on localhost could exploit this.
I suggest keeping this sensitive information in a session rather than in the cookie.
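Added example, not part of the original issue or of Genghis itself: Python's standard `http.cookiejar` matches cookies by host and path, not by port, so it reproduces the behaviour described above and shows what a second app on the same host receives with credentials in the cookie versus a session id. The ports, the cookie value format, the `genghis_session` name and the `SESSIONS` store are assumptions made for the illustration.

```python
import secrets
import urllib.request
from email.message import Message
from http.cookiejar import CookieJar

# Constructed sample values: ports, hosts and the cookie value format are assumptions.
GENGHIS = "http://127.0.0.1:5678/"      # app that sets the cookie
OTHER_APP = "http://127.0.0.1:3000/"    # unrelated app on the same host, other port
SERVERS = "mongodb://alice:CONSTRUCTED-PASSWORD@db.example.test:27017"
SESSIONS = {}                            # hypothetical server-side session store


class FakeResponse:
    """CookieJar only needs .info() to return the response headers."""
    def __init__(self, set_cookie):
        self.headers = Message()
        self.headers["Set-Cookie"] = set_cookie

    def info(self):
        return self.headers


def cookie_sent_to(set_by_url, set_cookie, other_url):
    """Cookie header a client attaches to other_url after set_by_url set a cookie."""
    jar = CookieJar()
    jar.extract_cookies(FakeResponse(set_cookie), urllib.request.Request(set_by_url))
    outgoing = urllib.request.Request(other_url)
    jar.add_cookie_header(outgoing)
    return outgoing.get_header("Cookie")  # None when no cookie matches


def credentials_cookie(servers):
    """Behaviour described in the issue: the server list itself is the cookie value."""
    return "genghis_rb_servers=%s; Path=/" % servers


def session_cookie(servers):
    """Suggested alternative: keep the list server-side, send only a random id."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = servers
    return "genghis_session=%s; Path=/" % sid  # hypothetical cookie name


if __name__ == "__main__":
    print("other port receives:", cookie_sent_to(GENGHIS, credentials_cookie(SERVERS), OTHER_APP))
    print("other port receives:", cookie_sent_to(GENGHIS, session_cookie(SERVERS), OTHER_APP))
```

The session id still reaches the other port, so it has to be unguessable and handled as a bearer token; it just no longer carries the database credentials.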