Basically, I've got a project with a huge number of existing pages,
some absolute URL's, some relative. It's getting a new shopping cart
using sessions, and needs to work without cookies (client's
requirement, non-negotiable) if the user has them disabled. To that
end, I've enabled session.use_tra ns_sid which handles relative URL's.
The question is, does anyone have a good solution for rewriting
absolute URL's? I know, I know, offsite links could leak sessions and
be a security risk. This particular client has almost zero offsite
links (to Thawte and the like mostly), and there are other
anti-session hijacking measures implemented, so they've decided it's
an acceptable risk.
It's PHP 4.3.x, Apache 2.x, on a dedicated server, so just about any
implementation is possible (no shared hosting provider to beg access
from)
Thanks
some absolute URL's, some relative. It's getting a new shopping cart
using sessions, and needs to work without cookies (client's
requirement, non-negotiable) if the user has them disabled. To that
end, I've enabled session.use_tra ns_sid which handles relative URL's.
The question is, does anyone have a good solution for rewriting
absolute URL's? I know, I know, offsite links could leak sessions and
be a security risk. This particular client has almost zero offsite
links (to Thawte and the like mostly), and there are other
anti-session hijacking measures implemented, so they've decided it's
an acceptable risk.
It's PHP 4.3.x, Apache 2.x, on a dedicated server, so just about any
implementation is possible (no shared hosting provider to beg access
from)
Thanks
Comment