On Mar 21, 2007, at 11:08 PM, Preston Lee wrote: > I'm neither a Rails nor cryptography expert, but the threat of > session hijacking is a very important issue
It's an important issue when you're trying to have a secure session. When you're just using the session for some flash variables I don't see the point in using an overly secure session system. I think we should document the various session stores very well and tell people what to use in which circumstances. Developers aren't small children, we don't have to make their decisions for them. Manfred --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group. To post to this group, send email to rubyonrails-core@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-core?hl=en -~----------~----~----~----~------~----~------~--~---
