9 Jul
2001
9 Jul
'01
6:38 a.m.
On Sun, Jul 08, 2001 at 11:50:42PM +0200, Dieter Maurer wrote: [...]
With cookie based authentication, you simply kill the cookie. [...]
Really? Just think, what happens if the user manually copies it's cookie and stores it back on the browser? You have to tell the server to forget, that this cookie is authorized ... ? (I'm not sure on that ... ) -- Christian Theune - ct@gocept.com gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981 reduce(lambda x,y:x+y,map(lambda x:chr(ord(x)^42),tuple('zS^BED\nX_FOY\x0b')))