开发者

Methods to set a session token by url

I'm writing up a secu开发者_JAVA技巧rity document and it would be great if programmers in other languages than PHP could chime in on (perhaps the default) way sessions are passed by URL in their language's default session handler.

eg. PHPSESSION=token in PHP

Oh, and if yes does it also use cookies?


ColdFusion has CFID and CFTOKEN by default in cookie but possible in URL.


Aurelien isn't wrong, but you're probably better off using the built-in URLtoken session variable:

someapp.login.cfm?urltoken=#session.urltoken#

Or, perhaps better, the generic SessionID

someapp.login.cfm?SessionID=#session.SessionID#

See: Adobe ColdFusion 9 References - Standard Session Variables

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜