Posted by OmegaJunior on 02/02/07 07:59

On Fri, 02 Feb 2007 02:57:38 +0100, bob.chatman@gmail.com
<bob.chatman@gmail.com> wrote:

> On Feb 1, 2:37 pm, "sid" <sidwe...@alexian.net> wrote:
>>
>> I am using vs 4.1.2
>> Yes, I can make the session work if I allow it to place its id on the
>> url.
>> But, thats not what I wanted. I was expecting it to be hidden.
>>
>> Sid.
>
> thats an issue with the client's browser. The sessions cookies are
> used only if they are accepted by the client. Otherwise it defaults to
> the URL string.
>

Which can be checked and configured easily enough. You can set the session
configurations to use nothing but cookies; that way it won't ever try to
create a sessionid in the url. Then you can create a cookie on a front
page which you check on a subsequent page, to see whether or not the
client accepts cookies. If they don't, ask them to allow their browser to
accept cookies for your web site. Would they do that? Yes, if they value
their security. (Not that it's very secure by itself, but it's a start.)

--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

[Back to original message]