antville/helma
antville/helma
1
1
Fork 0
Code Issues 5 Pull requests 7 Projects Releases 5 Activity Actions

Better session cookie creation algorithm. Random number and timestamp are now

Browse source 
woven into one number. Both shorter and (presumably) more secure.
This commit is contained in:
hns 2002-07-29 18:11:51 +00:00
parent 7585b72d7f
commit 44aff437b4
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/helma/servlet/AbstractServletClient.java
View file

@ -148,8 +148,9 @@ public abstract class AbstractServletClient extends HttpServlet {
// check if we need to create a session id // check if we need to create a session id
if (reqtrans.session == null) { if (reqtrans.session == null) {
reqtrans.session = Long.toString (Math.round (Math.random ()*Long.MAX_VALUE), 16); reqtrans.session = Long.toString (
reqtrans.session += "@"+Long.toString (System.currentTimeMillis (), 16); Math.round (Math.random ()* Long.MAX_VALUE) -
System.currentTimeMillis (), 36);
Cookie c = new Cookie("HopSession", reqtrans.session); Cookie c = new Cookie("HopSession", reqtrans.session);
c.setPath ("/"); c.setPath ("/");
if (cookieDomain != null) if (cookieDomain != null)