Raymond,
I was reading over your Powerpoint presentation last week (ColdFusionMX
Application Security), and I just remembered something I had a quick
question about...
On the last page of the presentation you have the following:
Extra Cookie-less Security
----------------------------
Pass encrypted key in URL
Like cookie-less session
Use session variable
Need to pass session.urlToken
Need to coordinate session/login timeout.
I was just wondering what this was referring to, and if maybe you could
expand a little more on it...Specifically the "Pass encrypted key in URL"
part. Also the pass session.urlToken part too...what's the deal with that?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription:
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Get the mailserver that powers this list at http://www.coolfusion.com
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
