Hi there! I'm having problems with a "fusebox" application that requires unique identification for each client connected. At the moment it appears that users are able to bookmark the applications full URL including the CFID and CFTOKEN - essentially hijacking the settings assigned to a previous client. Not good.
To prevent this occurring what wouyld be the best solution? I've considered this: 1. Embedding the main content of the site in a frame that would prevent a user from bookmarking the site with the CFID/CFTOKEN variables embedded. This would force CF to either identify a revisiting client or assign a new CFID/CFTOKEN value. This would also prevent a user from "changing" the CFID/CFTOKEN values. 2. Somehow dumping the CFID/CFTOKEN and assigning a new one if it already exists. The values are being stored in a datasource. Any other ideas? I need to sort this out by Monday at the earliest. Thanks in advance! Regards, Peter Tilbrook ([EMAIL PROTECTED]) ______________________________________________________________________ Why Share? Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation · $99/Month · Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
