From: <bst...@jb...> - 2006-04-28 17:19:12
|
Is that a serious problem? AFAICT, this would happen in one of two ways: 1) A broken client. I doubt detecting an empty JSESSIONID to help broken clients is going to be a priority. 2) A client deliberately trying to do something bad. Haven't thought hard about it, but don't see what harmful thing a client could do with an empty JSESSIONID. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3940214#3940214 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3940214 |