On Fri, Sep 17, 2010 at 7:06 PM, Paul McNett <[email protected]> wrote: > http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-microsoft-aspnet-security > > -or- > > http://bit.ly/cIG9R7
Hi Paul, >From what I understand this is only a problem if the cookie contains sensitive data. Generally you would keep only a session ID in the cookie, which is next to useless for a hacker. Well, at least that's the way I would do things! -- Paul _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/profox OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
