Benefit with session-id in URL/page vs. session cookies: zero cross-site request forgery <https://en.wikipedia.org/wiki/Cross-site_request_forgery> risk.
On 29.08.20 08:53, Tomas Hlavaty wrote: > Hi Grant, > > On Sat 29 Aug 2020 at 01:04, Grant Shangreaux <shshos...@protonmail.com> > wrote: >>> I suspect other apps cannot handle this. >> i thought this was probably the case. just wondered if someone out >> there may have tried and come up with a solution already :) > unfortunately, httpGate has a fatal flaw: when a session ends, users end > up with a dead url. You have to train your users to know what to do in > such situation. > > This could be fixed by adding a fallback case to httpGate. > > Or simply use a different server, where this is easier to do already. > For example, see nginx config with fallback described here > https://logand.com/blog/picolisp-behind-nginx-proxy.html > > Cheers > > Tomas >
