[ale] More on Cookies
Jason Day
jasonday at worldnet.att.net
Mon Sep 8 20:06:37 EDT 2003
On Sat, Sep 06, 2003 at 09:45:51PM -0400, Christopher Fowler wrote:
> I have just used a SMC Wireless AP/Router device. I've logged into the
> web interface and configured it. I noticed that it did not issue me
> a cookie. How can the device truly know that I'm still me each time I
> click a new link on its interface? Does it simply keep track of IP
> Addresses that have logged in?
Most web-based applications can store a session ID in either a cookie,
or as a form variable, either in the URL or as a hidden variable. In
fact, the Java servlet API includes a method in HttpServlet,
encodeURL(), which will rewirte an URL to contain a session ID if
necessary.
Hopefully, your router is doing this, and not just letting anybody in
once a password has been given.
--
Jason Day jasonday at
http://jasonday.home.att.net worldnet dot att dot net
"Of course I'm paranoid, everyone is trying to kill me."
-- Weyoun-6, Star Trek: Deep Space 9
More information about the Ale
mailing list