Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Distinguish LiftSession uniqueId from underlyingId.
What used to be uniqueId is now called underlyingId, to indicate the fact that it is tied to the underlying host’s session id. A new uniqueId is introduced, which is secure and unique, and is not tied to the host id and cannot be used to look the session up in the future. The only place that is currently continuing to use uniqueId is when we emit the id into the page as data-lift-session-id for cache-busting purposes. The underlying id used to be emitted into the page, which triggered some small security concerns, so we switch to this model to be on the safe side.
- Loading branch information
1 parent
62d4021
commit f18e340
Showing
3 changed files
with
19 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters