Carsten Ziegeler wrote:
So I will repeat my proposal here. My idea is to implement (nearly done) a continuations manager that has 3 levels of security:
-----Original Message-----
From: Vadim Gritsenko [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 20, 2004 3:23 PM
To: [EMAIL PROTECTED]
Subject: Re: Possible security problem with flowscript
Carsten Ziegeler wrote:
So what are we going to do about this?
Discussion of this mostly moved to bugzilla #31676.
Which is not a good place to discuss :)
- standard (current functionality)
- continuations invalidated along with session, still the continuation is reachable from other sessions (or no session at all)
- fully isolated. only the session that created the continuation can access it.
For my web applications I would surely go for for full isolation so I would like to have this option in cocoon core (so I do not have to patch every of my projects).
Is there any sense to bind continuations to the sitemap? Vadim?
I am very eager to provide a new production quality continuations manager as soon as the final solution gets agreed upon.
-- Leszek Gawron [EMAIL PROTECTED] Project Manager MobileBox sp. z o.o. +48 (61) 855 06 67 http://www.mobilebox.pl mobile: +48 (501) 720 812 fax: +48 (61) 853 29 65
