If you are using Client variables (or even session vars) not passing the URLTOKEN will sometimes 'cause sessions to go nuts.
You will always need to pass URLTOKEN if you want to guarantee that your sessions will not get hijacked! If you set addtoken="no" you will then need to explicitly pass the URLTOKEN in the string. Cheers Niklas > -----Original Message----- > From: Robertson-Ravo, Neil (REC) > [mailto:[EMAIL PROTECTED]] > Sent: Friday, October 11, 2002 9:32 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ cf-dev ] addtoken="No" > > > Ah, I always set it to no. > > -----Original Message----- > From: Giles Roadnight [mailto:[EMAIL PROTECTED]] > Sent: 11 October 2002 09:32 > To: [EMAIL PROTECTED] > Subject: Re: [ cf-dev ] addtoken="No" > > > I thought that the default was to add a token. If I leave the > attribute off > I always get the token added. > ----- Original Message ----- > From: "Robertson-Ravo, Neil (REC)" > <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, October 11, 2002 9:25 AM > Subject: [ cf-dev ] addtoken="No" > > > > Anyone had any problems where not adding addtoken="no" to > the cflocation > tag > > will cause it to add the token. > > > > CF4.5x > > > > Thanks > > > > N > > > > -- > > ** Archive: > http://www.mail-archive.com/dev%> 40lists.cfdeveloper.co.uk/ > > > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > For human help, e-mail: [EMAIL PROTECTED] > > > > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > For human help, e-mail: [EMAIL PROTECTED] > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > For human help, e-mail: [EMAIL PROTECTED] > -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
