cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefano Mazzocchi <>
Subject Re: Fwd: [jetty-discuss] Microsoft IE7 compromise of session security
Date Mon, 03 Oct 2005 15:44:24 GMT
Tony Collen wrote:
> Pier Fumagalli wrote:
>> I found this on the Jetty list, and thought it was relevant as in the 
>> examples we tend to encode the continuation ID into the URL...
>> This is f***ing scary!!!
>>     Pier
> Maybe it's time we make Cocoon automatically pull the continuation ID  
> from a session tied to a cookie.

That would prevent us from the ability to have (or detect!) multiple 
browser windows, as a cookie is not per-window, but per-browser.


View raw message