Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Rewriting an Absolute URL with Session IDs
August 16, 2004, 2:28 pm
rate this thread
some absolute URL's, some relative. It's getting a new shopping cart
using sessions, and needs to work without cookies (client's
requirement, non-negotiable) if the user has them disabled. To that
end, I've enabled session.use_trans_sid which handles relative URL's.
The question is, does anyone have a good solution for rewriting
absolute URL's? I know, I know, offsite links could leak sessions and
be a security risk. This particular client has almost zero offsite
links (to Thawte and the like mostly), and there are other
anti-session hijacking measures implemented, so they've decided it's
an acceptable risk.
It's PHP 4.3.x, Apache 2.x, on a dedicated server, so just about any
implementation is possible (no shared hosting provider to beg access
- R. Rajesh Jeba Anbiah
August 17, 2004, 2:15 am
Re: Rewriting an Absolute URL with Session IDs
if ($buffer contains absolute urls of same site)
fix $buffer by appending SID
| Just another PHP saint |