Hey all,
Just want to start a discussion, whether or not it is safe to send the session id with an email.
This is what is posted in the mail: http://gedviewtest/mygedview.php?PHPSESSID=c622504ea99fbbc757d71b360a99
Am I jumping too high and is it no big deal, or is it worth discussing?
Regards,
Roland
Hi Roland,
Thanks for bringing this up. I think it would be better not to send the session id. I will strip it from the URL that is added to the email.
It depends on your PHP configuration whether you will get this in the emails or not.
--John
Log in to post a comment.
Hey all,
Just want to start a discussion, whether or not it is safe to send the session id with an email.
This is what is posted in the mail:
http://gedviewtest/mygedview.php?PHPSESSID=c622504ea99fbbc757d71b360a99
Am I jumping too high and is it no big deal, or is it worth discussing?
Regards,
Roland
Hi Roland,
Thanks for bringing this up. I think it would be better not to send the session id. I will strip it from the URL that is added to the email.
It depends on your PHP configuration whether you will get this in the emails or not.
--John