What kind of factor can lead to the resurrection of an expired session?
Stefan
At 01:04 PM 10/13/2004, you wrote:
Hi Stefan,
> I STILL don't understand why UserReferences from a week ago should > lead to session hijacking. Wouldn't this UserReference have expired a > long > time ago? Wouldn't that result in creating a new UserReference? If not, > wouldn't this be considered a bug?
There can be more than one factor involved with why this can happen, and therefore hard to
eliminate.
Keep in mind this problem plagues more web development platforms than just Witango.
This is more of a flaw in the Internet "architecture" brought about by the addition of
user "convenience" - but that convenience is superseded now by security concerns.
Basically, in my opinion - just don't use <@USERREFERENCEARGUMENT> for any reason.
Hope this helpful. Cheers....
> Stefan > > ===================================================== > Database WebWorks: Dynamic web sites through database integration > http://www.DatabaseWebWorks.com > > _______________________________________________________________________ > _ > TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
=====================================================
Database WebWorks: Dynamic web sites through database integration
http://www.DatabaseWebWorks.com
________________________________________________________________________ TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
