HTTP state management without cookies?
Michael Ströder
michael at stroeder.com
Fri Feb 22 06:34:25 EST 2002
Paul Rubin wrote:
>
> mod_rewrite lets you do all kinds of neat stuff.
Hmm, I'd like to rephrase that to "mod_rewrite let's you do all kind
of dirty stuff".
I consider the configuration and change managment of your server and
application to be a nightmare and security risk if you rely on
handling of session IDs implemented in the server's mod_rewrite
configuration.
Ciao, Michael.
More information about the Python-list
mailing list