I'm using session cookies to store CFID and CFTOKEN. Concern: If there's no user-distinguishing cfid/cftoken in the URL, isn't a page in danger of being cached (since the URL is no longer unique), and then getting served to a user in a different session? (When I write "cached" I mean cached by an ISP's or network's caching server, *not* by the client or by CF server.)
(There's also the idea of using no-cache headers, etc. Buy I want to keep this post short. More on that later...) I was recently burned by not having considered caching servers before, and I ended up with some crossed sessions as a result. (Long story, won't get into it now.) Anyway, I want to make sure I'm covering all my bases this time. Thanks, Jamie ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com
