[Mono-list] Cross-Browser Session Mixing

David P. Donahue ddonahue at ccs.neu.edu
Mon Jul 11 08:39:01 EDT 2005

> So what do you do without sessions?  Bundle all required data inside
> each page, either in the URL (yuck) or as a set of hidden form
> variables:
> 	<input type="hidden" name="Foo" value="Bar"/>

I came across that same idea back when I began developing websites with 
.NET, but it's not feasible for me from a security standpoint.  Many of 
these values I don't want the user to be able to change before posting 
back to the server, or even see in some cases.  For my needs, the 
information exchange for which I use Session variables must happen 
entirely server-side.

David P. Donahue
ddonahue at ccs.neu.edu

More information about the Mono-list mailing list