If you send someone a link or bookmark with the CFID and CFTOKEN in the
URL, then you can accidentally give someone's session to another user.
At 10:24 AM 1/16/01 +0000, Kola Oyedeji wrote:
>You may be able to if they have cookies switched off and cfid and cftoken
>are visible in the url, if you also have cookies
>switched off and use their cfid and cftoken you may be able to inherit their
>session - in theory but i have never tried it!
>
>
>
>-----Original Message-----
>From: CHADA REDDY [mailto:[EMAIL PROTECTED]]
>Sent: 15 January 2001 17:57
>To: Fusebox
>Subject: capturing someone else session id??
>
>
>hi everyone,
>
>i am having an problem... Is there any way can I
>capture someone else session. I know my own session
>
>thanks
>chada
>
>=====
>Chada L Reddy
>Web Developer
>412-690-3140 Off
>860-478-9915 Cell
>[EMAIL PROTECTED]
>-----------------------------
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
