Hi, all I am running tomcat as application server and using session to store objects which will determine what dynamic content will be displayed. It's typical, but I have the following question:
1. Where is the session variable stored? server side or client cookie? 2. If variables stored in server side, is it possible to fake it and is there a proof of concept exists? 3. If variable stored in client cookie, I have the same question for point 2. Thanks, Vincent ----------------------------------------------------------------- 每天都 Yahoo!奇摩 海的顏色、風的氣息、愛你的溫度,盡在信紙底圖 http://tw.promo.yahoo.com/mail_premium/stationery.html --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
