Olympus-OM
[Top] [All Lists]

RE: [OM] Wide Angle site

Subject: RE: [OM] Wide Angle site
From: "Olaf Greve" <o.greve@xxxxxxx>
Date: Wed, 20 Jun 2001 10:04:48 +0200
Hi,

> Could it be my "beloved" AOL???  Maybe something to do with Javascript or
something?

As many of you are aware, I am the one who made the Wide Angle site. At one
point, URLs were passed in which the session identifier was present, this
resulted in other people being able to access the shopping basket of the
person who sent the URL. While this is not a great problem, I still deemed
this to be undesireably behaviour, hence I implemented code to tie sessions
to the originating IP address. This, however, caused some problems for
people who access the site through proxies and/or load balancers, so the
solution was to limit the IP checking to the subdomain, rather than to a
unique IP address.

So far, I have not heard of people still being unable to access the site. If
someone (like happened yesterday) passes a URL containing a session ID and a
referrer, upon following that URL (from a different subdomain than the
poster of the URL has), one will indeed get the "Session expired" message
(this is exactly the way I designed and implemented it). Clicking on the
"refresh session" link should work however. Please let me know if someone
still has problems accessing the site after having clicked on this link.
Also, if people have difficulties accessing the site when typing
http://www.wide-angle.nl (or http://www.wide-angle.org for that matter),
please let me know too, and I will think of a different mechanism for the
shopping basket.

Cheers!
Olafo


< This message was delivered via the Olympus Mailing List >
< For questions, mailto:owner-olympus@xxxxxxxxxxxxxxx >
< Web Page: http://Zuiko.sls.bc.ca/swright/olympuslist.html >


<Prev in Thread] Current Thread [Next in Thread>
Sponsored by Tako
Impressum | Datenschutz