[hunchentoot-devel] Sessions not secure?
Edi Weitz
edi at agharta.de
Sun Dec 23 22:31:03 UTC 2007
On Sun, 23 Dec 2007 22:22:22 +0000 (UTC), Sohail Somani <sohail at taggedtype.net> wrote:
> Hypothetically speaking, if I wanted to prevent hijacking by
> guessing, I could just redefine hunchentoot:get-next-session-id.
>
> Does this sound correct?
Yes, I think so.
> Btw, great set of libraries. I don't know how you do it. My theory
> is that you are really three people.
Four... :)
More information about the Tbnl-devel
mailing list