(keitai-l) Re: Losing Sessions on WAP servlet app

From: Curt Sampson <cjs_at_cynic.net>
Date: 05/26/05
Message-ID: <Pine.NEB.4.62.0505261026490.1557@angelic.cynic.net>
On Thu, 26 May 2005 necrodome@gmail.com wrote:

> why don't you try url rewriting for session management?

It's better to use cookies if you can:

     The bad part about using URL rewriting is that bookmarks and links
     that people send-around include the session ID, which can result in
     inadvertant session hijacking.

     http://www.keitai-dev.net/keitai-wiki?SessionHandling

BTW, there's some other useful stuff on the above page as well. I've got
some nice tricks for starting out with URL rewriting and dynamically
switching to cookies, if the browser will return them, that I should
really post there one day.

cjs
-- 
Curt Sampson  <cjs@cynic.net>   +81 90 7737 2974

***   Contribute to the Keitai Developers' Wiki!   ***
***        http://www.keitai-dev.net/wiki/         ***
Received on Thu May 26 04:29:33 2005