Easily Change Session IDs
Brought to you by:
drew_csillag,
smulloni
Menu
▾
▴
#2 Easily Change Session IDs
Maybe a method can be added for HttpConnection that
will change the session id when called. For example:
a = CONNECTION.getSession()
CONNECTION.changeSessionID()
This would change the cookie value along with the
session id value stored on the server. (I guess there
would be a related session method in the Session class.)
Changing the session-id value before any critical
action takes place is a good idea, security-wise ...
this would make it easier to do this.