Request Tokens to protect against Session Hijacking

By Paladion

November 16, 2005

Joe Hanink has written an excellent piece on Session Hijacking and Request Tokens in Wikipedia. He shows how Request tokens meet some of the objectives of Page Tokens that we discussed in the August issue of Palisade, and Request Tokens are simpler to implement.

There's more discussion on Request Tokens and Page Tokens in our comments section.

Tags: Uncategorized