[horde] Problems with multiple instances in mozilla

Hans Lellelid hans at appliedsec.com
Wed Feb 26 12:34:37 PST 2003


Hi -

>Correct. You'd have to turn off session cookies (thus losing a lot of
>security) to make this possible.
>  
>

I was wondering if there's any reference material on Horde & security -- 
particularly sessions.  I was thinking that there would be security 
advantages to disabling cookies for my application.  What's the thinking 
behind the cookies being more secure than session IDs in the URL?  (Is 
the main issue session hijacking possibilities when cookies are disabled?)

Thanks,
Hans

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3299 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.horde.org/archives/horde/attachments/20030226/16cec95c/smime-0002.bin


More information about the horde mailing list