spacedman wrote: > /foo/bar/info?session_id=0873556323 > > BUT if anyone gets that URL they get that person's session. Which is a > BAD thing. So don't do that.
Unless you check that the IP from which the request is coming is the same IP from which the initial request came. -pu --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---