[Mono-list] Cross-Browser Session Mixing
David P. Donahue
ddonahue at ccs.neu.edu
Mon Jul 11 08:39:01 EDT 2005
> So what do you do without sessions? Bundle all required data inside
> each page, either in the URL (yuck) or as a set of hidden form
> variables:
>
> <input type="hidden" name="Foo" value="Bar"/>
>
I came across that same idea back when I began developing websites with
.NET, but it's not feasible for me from a security standpoint. Many of
these values I don't want the user to be able to change before posting
back to the server, or even see in some cases. For my needs, the
information exchange for which I use Session variables must happen
entirely server-side.
Regards,
David P. Donahue
ddonahue at ccs.neu.edu
http://www.cyber0ne.com
More information about the Mono-list
mailing list