Hi Stefan, > I STILL don't understand why UserReferences from a week ago should > lead to session hijacking. Wouldn't this UserReference have expired a > long > time ago? Wouldn't that result in creating a new UserReference? If not, > wouldn't this be considered a bug?
There can be more than one factor involved with why this can happen, and therefore hard to eliminate. Keep in mind this problem plagues more web development platforms than just Witango. This is more of a flaw in the Internet "architecture" brought about by the addition of user "convenience" - but that convenience is superseded now by security concerns. Basically, in my opinion - just don't use <@USERREFERENCEARGUMENT> for any reason. Hope this helpful. Cheers.... > Stefan > > ===================================================== > Database WebWorks: Dynamic web sites through database integration > http://www.DatabaseWebWorks.com > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf ________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
