9 May 11:27
Forcing clients to enable cookies?
From: Stefan Müller-Wilken <stefan.mueller-wilken <at> resco.de>
Subject: Forcing clients to enable cookies?
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-05-09 09:27:38 GMT
Subject: Forcing clients to enable cookies?
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-05-09 09:27:38 GMT
Dear all, one of my customers has introduced a security policy by which all web applications have to do their session handling via cookies. Rather than doing the boilerplate code in all web apps I'd like to check in only one place if client browsers allow cookies and send them to an error page if not. Is there a way to use mod_security to do the trick? Or would I be better off using mod_rewrite instead? Conceptionally I would have set a cookie, force a reload, and on the next access, see if the cookie is still there, right? But how can I do that? Would be great if someone could give me an idea! Cheers Stefan. Resco GmbH Geschäftsführer: Michael Mörchen Amtsgericht Hamburg, HRB 76048 Ust.Ident-Nr.:DE208833022 Haftungsausschluss: Diese Nachricht ist ausschließlich für die Person oder Einheit bestimmt, an die sie gerichtet ist. Sie enthält unter Umständen Informationen, die unter geltendem Recht vertraulich, gesetzlich geschützt oder von der Offenlegung ausgeschlossen sind. Falls Sie nicht der vorgesehene Empfänger oder verantwortlich für die Weiterleitung dieser Nachricht an den vorgesehenen Empfänger sind, ist es Ihnen strengstens untersagt, diese Nachricht offenzulegen, zu verteilen, zu kopieren oder in irgendeiner Art zu benutzen. Sollten Sie diese Nachricht versehentlich erhalten haben, benachrichtigen Sie bitte den Absender und löschen und vernichten Sie jegliche Kopie davon, die Sie möglicherweise erhalten haben. Disclaimer: This message is intended only for the use of the individual or entity to which it is addressed and may contain information which is privileged, confidential, proprietary, or exempt from disclosure under applicable law. If you are not the intended recipient or the person responsible for delivering the message to the intended recipient, you are strictly prohibited from disclosing, distributing, copying, or in any way using this message. If you have received this communication in error, please notify the sender and destroy and delete any copies you may have received. ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
RSS Feed