[horde] Problems with multiple instances in mozilla
hans at appliedsec.com
Wed Feb 26 12:34:37 PST 2003
>Correct. You'd have to turn off session cookies (thus losing a lot of
>security) to make this possible.
I was wondering if there's any reference material on Horde & security --
particularly sessions. I was thinking that there would be security
advantages to disabling cookies for my application. What's the thinking
behind the cookies being more secure than session IDs in the URL? (Is
the main issue session hijacking possibilities when cookies are disabled?)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3299 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.horde.org/archives/horde/attachments/20030226/16cec95c/smime-0002.bin
More information about the horde