Hi everyone,
Just had a talk with tech about this. As you are aware, if a session ID is posted anywhere and the user is online (meaning the session is still active), you will be logged into the other user's account.
Obviously, this is not desirable. We will be switching to cookie sessions in the near future to do away with this problem, as we certainly want to make sure our system is as secure as possible.
Again, thank you for bringing this to our attention. Tech's working on the solution right now.
Kind regards,
Brad
brad.tilley@sedo.com