Home page logo

webappsec logo WebApp Sec mailing list archives

Re: improvements in session management?
From: Michael Ströder <michael () stroeder com>
Date: Thu, 01 Apr 2004 09:23:38 +0200

dd wrote:

This could include checking things like user agent, acceptable languages, but better by adding data that changes on each request via cookie, form field, etc (call this the SINGLEUSEID).

I see some problems with the usability (browser's back-button and concurrent HTTP requests for images) when implementing session IDs which are only valid for the next hit.

Ciao, Michael.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]