On 29/04/10 09:20, Branko Vukelic wrote:
There is very little a malicious visitor could do (directly to your session data) unless your server gets hacked. Sessions are stored in your machine, and the only thing passed to user is the session ID. On the other hand, session IDs can be manipulated in any number of ways, but it's also very difficult to do so.
what about session hijacking? is webpy taking pills for it? :? thank you! -- You received this message because you are subscribed to the Google Groups "web.py" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/webpy?hl=en.
