Howdy,
When passing a URLtoken (e.g., #session.URLtoken#) in the URL to
maintain state on public sites, are there any real security concerns?
I've seen reference to this in a couple of places, but never an explicit
explanation on what the real security implications might be. Would
encrypting the URLtoken be better?
TIA,
Chris Montgomery [EMAIL PROTECTED]
Web Development & Consulting http://www.astutia.com
Allaire Consulting Partner & NetObjects Reseller
210-490-3249/888-745-7603 Fax 210-490-4692
Allaire Software Sale! http://www.astutia.com/store
Find a Job in San Antonio http://www.sajobnet.com
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.