[imp] Fwd: Chuck, what am I doing wrong? Why won't anyone
respond to this question?
Eric Rostetter
eric.rostetter at physics.utexas.edu
Wed Aug 11 14:14:17 PDT 2004
Quoting John Schneider <john.schneider at daumcommercial.com>:
> It appears that this would mean a user could potentially bookmark the site
> at an inappropriate time and depending on other circumstances, possibly gain
> unauthorized access to other mailboxes. Is this a correct assumption?
Yes, if you allow url-based sessions.
> If so,
> is their a way to prevent this?
Don't allow url based sessions (use cookie-based sessions instead).
> (Perhaps javascript code to prevent
> bookmarking when a session is present in the URL?)
I'm not sure that would be appropriate...
> Regards,
>
>
>
> John Schneider
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the imp
mailing list