At 08:39 25.05.2001 +1200, you wrote: >And there lies the rub. > >The user is using the system to process client A. The cookie contains >stateful information including the client ID. > >They then open an new browser window, and lookup client B, recieving a >new session ID with new state information, including the client ID. Why are you doing this. client B probably sends a valid session ID, so why does he get a new one? >(Oh and telling the users 'Don't Do That' does not work either :^) Never does. Joachim -- "... ein Geschlecht erfinderischer Zwerge, die fuer alles gemietet werden koennen." - Bertolt Brecht - Leben des Galilei
- Re: Appending Sessionid to all the urls Joachim Zobel
- Re: Appending Sessionid to all the urls Jay Jacobs
- Re: Appending Sessionid to all the urls kheeteck
- Re: Appending Sessionid to all the urls Julian Gilbey
- Re: Appending Sessionid to all the urls Stuart Frew
- Re: Appending Sessionid to all the urls Julian Gilbey
- Re: Appending Sessionid to all the urls darren chamberlain
- Re: Appending Sessionid to all the urls stefan weiss
- Re: Appending Sessionid to all the urls Jay Jacobs
- Re: Appending Sessionid to all the urls Stuart Frew
- Re: Appending Sessionid to all the urls Joachim Zobel
- Re: Appending Sessionid to all the urls ___cliff rayman___
- Re: Appending Sessionid to all the urls Stuart Frew
- Re: Appending Sessionid to all the urls Chip Turner
- Re: Appending Sessionid to all the urls brian moseley