[Seaside] seaside sessions and http(s) - security
Philippe Marschall
philippe.marschall at gmail.com
Tue Sep 11 15:59:08 UTC 2007
2007/9/11, Leandro Perez <leandromperez at gmail.com>:
>
>
> On 9/10/07, Philippe Marschall <philippe.marschall at gmail.com> wrote:
> >
> > > Is there some way of protecting against such a url copy and paste?
> >
> > If the browsers are on different machines and not NATed then you can
> > use WASessionProtector (add it as a decoration to your root
> > component). You can also store the session key in a cookie instead of
> > the url.
> >
> > Cheers
> > Philippe
>
>
>
> How do you manage to store the session key in a cookie?
In the configuration of you application set "Use Session Cookie" to true.
Cheers
Philippe
> regards,
> Leandro
>
> _______________________________________________
> Seaside mailing list
> Seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
>
More information about the seaside
mailing list