[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [FORENING] Newsportal Was: Nyt websted til SSLUG?



I sslug.forening, skrev Morten Christensen:
>  Jesper Krogh wrote:
> > I sslug.forening, skrev Morten Christensen:
> >> Jesper Krogh wrote:
> >>>Til følsomme oplysninger, er jeg klart fortaler af en Cookie.. 
> >>>
> >> I dette tilfælde er det kun om man er loget på, der skal gemmes.
> >> Det kan man nok ikke lige kalde følsomt :-)
> > 
> > Det syntes jeg da det er:
> > 1) Jesper skriver et indlæg logget på. 
> > 2) Jesper napper linket til indlægget og sender det til
> > dk.edb.system.unix
> > 3) Alle der følger linket og poster, vil have highjacket mit login. 
> > 
>  Hvordan skulle en bruger fra dk.edb.system.unix kunne overtage din
>  session udfra en URL? De vil få deres egen session når browseren 
>  kontakter serveren,hvor login er sat til false. Hvis de prøver
>  at poste checker man om login er sat, eller sendes man til et
>  login script der kan ændre login i sessionen.

Fordi et sessionid nogle gange overføres sådan her:
http://server/?PHPSESSID=asdf576as5df75asf4adsfsaf57a8sfd

>  Selv om jeg åbner 2 browser vinduer på samme maskine, får jeg
>  2 sessioner på serveren når jeg linker til samme dokument.

Ikke hvis du har en cookie sat.. så skal du vælge en browser der ikke
har adgang til den cookie også. 

Jesper
-- 
./Jesper Krogh, sslug@sslug, Jabber ID: sslug@sslug
Danmark har fået sit eget Mozillaforum:
http://forum.mozilladanmark.dk/ eller nntp://news.sslug.dk/mozilladanmark.*



 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2005-08-10, 20:40 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *