Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Bookmarkable URLs, DirectAction and getting rid of wosid??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bookmarkable URLs, DirectAction and getting rid of wosid??

Subject: Re: Bookmarkable URLs, DirectAction and getting rid of wosid??
From: Guido Neitzer <email@hidden>
Date: Sun, 22 Feb 2009 12:25:07 -0800

On 22.02.2009, at 12:09, Lachlan Deck wrote:

I have the simplest "WOHelloWorld" app where I am not able to get rid of the wosid from the DirectAction URL.
In your Session class' constructor...
setStoresIDsInCookies( true );
setStoresIDsInURLs( false );

The hard part might be if any page requires specific session data. Either the app can handle that (coming to any page without a session and creating one from there) or you have to build a direct action based app.

I'd get rid of that method (performActionNamed) right away - it's a security issue par excellence. I'd rather build specific methods and not allow anybody to go to any page by just name guessing.

cug
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden



References:  
  >Bookmarkable URLs, DirectAction and getting rid of wosid?? (From: Karthik N <email@hidden>)
  >Re: Bookmarkable URLs, DirectAction and getting rid of wosid?? (From: Lachlan Deck <email@hidden>)




Prev by Date:
Re: Bookmarkable URLs, DirectAction and getting rid of wosid??

Next by Date:
Re: Bookmarkable URLs, DirectAction and getting rid of wosid??

Previous by thread:
Re: Bookmarkable URLs, DirectAction and getting rid of wosid??

Next by thread:
Re: Bookmarkable URLs, DirectAction and getting rid of wosid??

Index(es):

Date
Thread