[Seaside] sharing sessions through links..

Philippe Marschall philippe.marschall at gmail.com
Mon Oct 27 16:21:55 UTC 2008

2008/10/27 Randal L. Schwartz <merlyn at stonehenge.com>:
>>>>>> "Julian" == Julian Fitzell <julian at fitzell.ca> writes:
> Julian> Unless you take action to prevent it, yes. This problem isn't unique
> Julian> to Seaside, of course; any system with session keys in URLs will be
> Julian> have the same problem. You can, of course, configure the session key
> Julian> to be stored in cookies, which eliminates the problem.
> Of course, you trade one problem for another there.

There are also strange cases of mobile users who change IPs (this
affects WASessionProtector).

Isn't there a Max Payne quote along the lines of:

if the only choice you've got is to do the wrong thing, then it's not
really the *wrong* thing, is it?


More information about the seaside mailing list