Transfering sessions across domains

Transfering sessions across domains

El Forum
Guest

#11

12-30-2008, 01:54 PM

[eluser]The Wizard[/eluser]
heheh thank you Smile

yes, thats true indeed.

so we make a special table, link it with the users id (via secret key).
on the table, we store all information about the user, (browser type, IP etc.)
and compare it with the user, which try's to login via the secret key.

At least, this would bring somehow a little bit security Smile

i remember a prominent example where gmail was a subject to those session
hijacking where you could gain access to a gmail account of choice.

Smile

damn. security is hard.

Messages In This Thread

Transfering sessions across domains - by El Forum - 11-17-2008, 09:32 AM

Transfering sessions across domains - by El Forum - 11-17-2008, 10:29 AM

Transfering sessions across domains - by El Forum - 11-17-2008, 12:26 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 05:58 AM

Transfering sessions across domains - by El Forum - 12-30-2008, 10:44 AM

Transfering sessions across domains - by El Forum - 12-30-2008, 11:47 AM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:19 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:30 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:42 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:45 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:54 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:57 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 01:58 PM

Transfering sessions across domains - by El Forum - 12-30-2008, 02:02 PM

Transfering sessions across domains - by El Forum - 12-31-2008, 07:28 AM