Re: Session ID in query string

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sandy Keathley wrote:
> Using PHP 4.3.9, we have these settings:
>
> session.use_cookies = 1
> session.use_only_cookies = 1
> session.use_trans_sid = 0
>
> (verified by a display of phpinfo() )
>
> with the goal of preventing URLs with session IDs appended.  That
> works fine, but when a page is validated by W3C, it throws an error,
> and indicates that a link on the page (which contains a query string),
> also contains the session ID.  If I click the link, it doesn't show the
> session ID, but W3C can see it.

W3C can't see anything you can't see with "View Source" in your browser.

So is the session ID there or not?...

W3C claims it is: You claim it isn't.

One of you has to be wrong. :-)

Your PHP code could easily be creating a URL with the session ID in it.

Or W3C could be incorrectly interpreting your HTML.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux