HTTP Authentication may be RESTful, but it’s not very USEful. Read more
Archive for July 25th, 2007
Prevent Session Hijacking in Web Application
July 25, 2007Trying to prevent session hijacking is a pain in the butt, especially since replay attacks by-pass pretty much any mechanism you can put into place (aside from using HTTPS). I’ve read suggestions about using things liked hashed (with a salt) User-Agent strings that get appended to the url and checked, in addition to the actual session id (coming from a cookie). Anyone have a particular idea that works well, or have any suggestions on things that really should be avoided? See more at link
The ICFP Programming Contest
July 25, 2007The ICFP Programming Contest is a programming competition to be held the weekend of July 20 – 23, 2007. Link
