From: <[EMAIL PROTECTED]>
> any Proxy operator can do this with any non-SSL connection. One can spy session
> ids in the URL, in the GET-parameters and the POST-parameters, also cookies and
> basic auth passwords, also passwords in html forms - and every bit of data
> that's send back.
>
> Oh, a
Hi stefan,
any Proxy operator can do this with any non-SSL connection. One can spy session
ids in the URL, in the GET-parameters and the POST-parameters, also cookies and
basic auth passwords, also passwords in html forms - and every bit of data
that's send back.
Oh, and firewall operators and r
Hi kheeteck,
as said before - a session id at the end of the URL (as path info, GET parameter
or POST parameter) will not stay there if you don't modify all displayed html
pages. As I understand, you can't modify these pages because thay are on another
server. That means you also can't use a lead