[Seaside] Passing links around - a security issue?

Jens Pall jens at axonspace.com
Wed Jan 24 12:49:29 UTC 2007


One thought: Is it a security issue to pass links generated by Seaside 
to someone else? Is it possible to hijack the session this way?

Consider this:

You log on to a seaside site.
You copy a link from inside the site and pass it to someone else (by 
e-mail for example).
That someone else clicks on your link and has gained access to your session.

Hopefully I have this completely wrong and am just talking nonsense. If 
not, what is the correct and safe way to pass links (to internal 
sources) to external parties?


More information about the Seaside mailing list