[Seaside] sharing sessions through links..
Randal L. Schwartz
merlyn at stonehenge.com
Mon Oct 27 23:24:36 UTC 2008
>>>>> "Julian" == Julian Fitzell <jfitzell at gmail.com> writes:
Julian> We can check an IP address but that isn't entirely secure and is
Julian> problematic if the user gets disconnected from their VPN or whatever
Julian> and gets a new IP.
Or worse... the canonical example being the walled-garden AOL users who got a
different proxy IP address for every connection *within a single page hit*.
As in, main page 1.2.3.4... first image 1.2.3.5... second image
1.2.3.6... form posted via 1.2.3.22.
I always pull that gem out whenever people mumble "session... IP
authentication". It Won't Work.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.vox.com/ for Smalltalk and Seaside discussion
More information about the seaside
mailing list