WebApp Sec mailing list archives
Re: (clarification) GET and POST Methods Accepted
From: Chris Shiflett <shiflett () php net>
Date: Fri, 14 Oct 2005 17:12:16 -0400
Derick Anderson wrote:
This extremely irritating behavior can be stopped in PHP by setting a php.ini variable ("use_only_cookies" if memory serves).
The session.use_trans_sid directive is what controls whether PHP conditionally rewrites URLs to include the session identifier. The feature has always been optional to my knowledge.
Chris
Current thread:
- RE: (clarification) GET and POST Methods Accepted Evans, Arian (Oct 13)
- RE: (clarification) GET and POST Methods Accepted Joe Teff (Oct 13)
- RE: (clarification) GET and POST Methods Accepted Amit Klein (AKsecurity) (Oct 14)
- RE: (clarification) GET and POST Methods Accepted Thomas Schreiber (Oct 14)
- <Possible follow-ups>
- RE: (clarification) GET and POST Methods Accepted Jeff Robertson (Oct 14)
- RE: (clarification) GET and POST Methods Accepted Amit Klein (AKsecurity) (Oct 14)
- Re: (clarification) GET and POST Methods Accepted Andrew van der Stock (Oct 14)
- RE: (clarification) GET and POST Methods Accepted Derick Anderson (Oct 14)
- Re: (clarification) GET and POST Methods Accepted Chris Shiflett (Oct 14)
- Re: (clarification) GET and POST Methods Accepted Greg Skouby (Oct 16)
- Re: (clarification) GET and POST Methods Accepted Chris Shiflett (Oct 14)