You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@unomi.apache.org by "Serge Huber (JIRA)" <ji...@apache.org> on 2018/04/25 18:42:00 UTC
[jira] [Created] (UNOMI-178) Make it possible to pass sessionId as
a body parameter instead of just a URL parameter
Serge Huber created UNOMI-178:
---------------------------------
Summary: Make it possible to pass sessionId as a body parameter instead of just a URL parameter
Key: UNOMI-178
URL: https://issues.apache.org/jira/browse/UNOMI-178
Project: Apache Unomi
Issue Type: Improvement
Components: core
Affects Versions: 1.3.0-incubating
Reporter: Serge Huber
Fix For: 1.3.0-incubating
Currently the event servlet and the context servlet require a sessionId be passed in the URL, which might be problematic if the URL is then stored in logs files, as session hijacking could be possible.
One way to solve this would be to allow the sessionId to be passed as a HTTP POST BODY parameter (in ContextRequest and EventsCollectorRequest).
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)