On Wednesday 12 May 2004 19:24, Thomas Fini Hansen wrote:
> You can't trust HTTP_REFERER either, some 'security software' diables
> them, in Opera it's just F12->Enable referrer logging, and then there
> seems to be the odd people that got a static referrer... How that
> messes with the above is left as an exercise for the reader. ;)
Well, I don't think it's _that_ important. 
IMO, there are security flows in both Cookie and URL SID transmission approaches.
>
> I'd go with the belt and braces approach. On the first hit, set the
> cookie *and* use URL session. On the next hits, drop the URL encoding
> if you get the cookie.
Nice way too, but I have yet to think if it will play nicely with search engines..

-- 
sdmitry -=- Dmitry V. Sabanin
MuraveyLabs.
Spam Here -> postmaster / sco.com