[Seaside] Session Protector [was Seaside subsets]

Rick Flower rickf at ca-flower.com
Wed Feb 14 18:31:07 UTC 2007

Boris Popov wrote:
> Rick,
> Session protector stores the remote address of a user and checks it for
> every request to prevent most obvious session hijacking (url copying),
> especially when not using session cookies. There are a number of
> limitations, but not many downsides to using it, so it's a good idea to
> have it place working with other measures to secure your applications.

Thanks Boris -- I probably got it from you! (8->

I'll keep it in place then and add some comments to make it clear what
its doing..

More information about the Seaside mailing list