From: "Jon Robison" <[EMAIL PROTECTED]>
> What about sockets? I am in the middle of trying to use $c =
> $r->connection and $c->remote_addr as part of the cookie name. (So far
> I am having trouble with the fact that remote_addr returns packed info,
> and I am still searching for how to unpack
To insert a new comment on this old item:
What about sockets? I am in the middle of trying to use $c =
$r->connection and $c->remote_addr as part of the cookie name. (So far
I am having trouble with the fact that remote_addr returns packed info,
and I am still searching for how to unpack it - i
There seems to be some confusion over exactly what we're talking about...
Apache::Session may work fine for creating a unique session ID, however this
thread has really been about how to ensure that a session hasn't been
hijacked. People have been suggesting various bits of info they could get
fr
Yes I remember reading about this some time ago. Of course I am short on
specifics, but IIRC those were some sort of signature put in by ISPs who
were bundling IE, and the id transmitted only configuration info but not
specific user details.
> From: Stephen Adkins <[EMAIL PROTECTED]>
> Date: Fri,
fliptop wrote:
> Joe Breeden wrote:
>>
>> How does this work in an environment with two (or more) computers with the
>> exact same configuration, and probably the same HTTP_USER_AGENT behind the
>> same proxy? How do you know that one user isn't using another users session?
>
> you don't. the s