Hi all, I want to prevent session swapping in an app. When creating a new session structure, is it a good idea to name a key/value pair as a SESSION.URLToken, and then when passing the URLtoken between pages (as appended to the URL), do a check to match the physical URLtoken = SESSION.URLtoken? Or is this taken care of in the background?
Thanks, Mark ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
