I'm trying to think of a way not to allow people to inadvertedly share a session by sending each other a url with their cfid and cftoken in it. Of course we can just make sure that those are not passed as url parameters, but I'm thinking if there's a way to check if this is a session initiated by someone else. Do you guys have any ideas?
Thanks ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
