Serge Huber created UNOMI-178:
---------------------------------
Summary: Make it possible to pass sessionId as a body parameter
instead of just a URL parameter
Key: UNOMI-178
URL: https://issues.apache.org/jira/browse/UNOMI-178
Project: Apache Unomi
Issue Type: Improvement
Components: core
Affects Versions: 1.3.0-incubating
Reporter: Serge Huber
Fix For: 1.3.0-incubating
Currently the event servlet and the context servlet require a sessionId be
passed in the URL, which might be problematic if the URL is then stored in logs
files, as session hijacking could be possible.
One way to solve this would be to allow the sessionId to be passed as a HTTP
POST BODY parameter (in ContextRequest and EventsCollectorRequest).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
