anyone have better suggetions on Session Security? this is really only a
problem when it's used in URL rewriting, but it should be solved, people are
not trusting cookies, for some reason they don't want the server to know
where they have been through the site..
Blake Binkley
667 Woodward St.
San Marcos, CA 92069
Home: (760) 744-9086
Cell: (760) 505-6591
E-Mail: [EMAIL PROTECTED]
ICQ: 752498
AIM: mordronlafey
MSIM: mordron
Yahoo: mordron
-----Original Message-----
From: David Wall [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 10, 2001 11:36 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: automated URL rewriting
> I had something along the same lines, I have added an object which stores
> the users IP in the session
Wouldn't this break for users who access through proxy server banks, like
those on AOL? It seems I've watched a single user come in from AOL and seen
several IP addresses (I guess they multiplex the requests across several
proxy servers). Also, every user behind a proxy server will have the same
IP address shown.
David
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
