right. i'll wrap my reply to you and mr hanlin into one response. the USUALLY rely on cookies. as in, this is the default behaviour. one has to add code to get them to be passed in the URL. perhaps i'm paranoid, but i prefer the cookie method from a security standpoint. it's too easy to sniff a URL and snatch someone's ID that way. spoofing a session becomes as easy as writing to a text file. Chris Olive, DOEHRS Website Administrator -----Original Message----- From: JustinMacCarthy [mailto:[EMAIL PROTECTED]] Sent: Friday, September 08, 2000 9:14 AM To: [EMAIL PROTECTED] Subject: Re: Eh... no they don't , you can use CFID , CFTOKEN (UrlToken) in the URL instead...... They CAN use cookies , but that is something different... ~Justin MacCarthy From: "Olive, Christopher M Mr NMR" > um...you do understand that client and session >variables rely on cookies, > right? specifically, CFID and CFTOKEN. ---------------------------------------------------------------------------- -- Archives: http://www.mail-archive.com/[email protected]/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/[email protected]/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
