Re: Re: Cookies at XML Europe 2004 -- Call for Participation

Cart

XML Editor - Download a Free Trial >

See What's New >

Buy Now >

[Home] [By Thread] [By Date] [Recent Entries]

To: Joshua Allen <joshuaa@m...>
Subject: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
From: Rich Salz <rsalz@d...>
Date: Mon, 05 Jan 2004 15:48:32 -0500
Cc: Elliotte Rusty Harold <elharo@m...>, Edd Dumbill <edd@u...>,David Kunkel <DKunkel@i...>, XML-DEV <xml-dev@l...>
In-reply-to: <0E36FD96D96FCA4AA8E8F2D199320E529FBC22@R...>
References: <0E36FD96D96FCA4AA8E8F2D199320E529FBC22@R...>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4b) Gecko/20030507

> The login token stored in the cookie can always be embedded in the URL
> path, which is what ASP.NET does when you set the "cookieless auth"
> setting to true.  I've also done this in non-ASP systems

Yeah, I explicitly ignored that kind of thing since it seems it would be 
  an even greater violation of REST, and Elliotte "RESTy" Harold's :) 
initial point.

	/r$
-- 
Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

References:
- RE: Re: Cookies at XML Europe 2004 -- Call for Participation
  - From: "Joshua Allen" <joshuaa@m...>

Prev by Date: Re: Re: Cookies at XML Europe 2004 -- Call for Participation
Next by Date: RE: Formalism and complexity
Previous by thread: RE: Re: Cookies at XML Europe 2004 -- Call for Participation
Next by thread: RE: Re: Cookies at XML Europe 2004 -- Call for Participation
Index(es):
- Date
- Thread

XML Editor - Download a 15 Day Free Trial Now >

See What's New in Stylus Studio >

Buy Stylus Studio - XML Editor - Now >