Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

added a method to renew session id on auth to prevent session fixation #218

Open
wants to merge 1 commit into
from

Conversation

Projects
None yet
1 participant

vogan commented Mar 28, 2013

call this method during user authentication to prevent session fixation
attacks. the old, unauthenticated session id is re-generated in order to
start a "new" session after login

added "renew_session_id" method
call this method during user authentication to prevent session fixation
attacks. the old, unauthenticated session id is re-generated in order to
start a "new" session after login
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment