WebApp Sec mailing list archives

Re: Maia Mailgaurd http://www.renaissoft.com/maia/

From: Stelian Ene <stelian.ene () gecadtech com>
Date: Mon, 18 Jul 2005 17:54:07 +0300

Christopher Canova wrote:

What are the risks to enforcing session handling using cookies? Will it
break functionality for many people? Are the risks of including the SID
in the URL worse than cookies?


The obvious solution is to present the user with a check box "Use
cookie", checked by default.
If the user unchecks it, revert to the default, url-based session traking.

--
Axigen mail server:
http://www.axigen.com/mail-server/

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Maia Mailgaurd http://www.renaissoft.com/maia/ Christopher Canova (Jul 16)
- Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Chuck (Jul 18)
  - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Achim Hoffmann (Jul 18)
    - RE: Maia Mailgaurd http://www.renaissoft.com/maia/ Guillaume Vissian (Jul 18)
    - PHP Session ID's focus (Jul 19)
    - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Chuck (Jul 18)
    - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Chuck (Jul 18)
    - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Achim Hoffmann (Jul 20)
    - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Chuck (Jul 20)
    - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Achim Hoffmann (Jul 21)
- Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Stelian Ene (Jul 18)
  - Re: Maia Mailgaurd http://www.renaissoft.com/maia/ Andy bentley (Jul 18)