That why I mentioned the token. Do a per session cookie that contains their token, goes away when they close the browser, but is already there if they open a new tab.
-----Original Message----- From: Nick McClure [mailto:[EMAIL PROTECTED] Sent: Saturday, April 28, 2007 7:49 PM To: CF-Community Subject: RE: I need an opinion How do you deal with PAT users? Here I'd say 35% of all traffic comes from one IP because of various firewalls and concentrators. > -----Original Message----- > From: Loathe [mailto:[EMAIL PROTECTED] > Sent: Saturday, April 28, 2007 7:13 PM > To: CF-Community > Subject: RE: I need an opinion > > To be honest that is a very real security flaw, and should be fixed. > > Now with both IE and FF having tab browsing, and even before when a > window > spawned from a parent window, both shared a single session, it wasn't > as big > of a deal, honestly I tend to limit connections by ip and token so you > don't > run into these kinds of issues. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Macromedia ColdFusion MX7 Upgrade to MX7 & experience time-saving features, more productivity. http://www.adobe.com/products/coldfusion?sdid=RVJW Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:233493 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5
