Hi, We would like to create a unique string when a user logs in and pass the string between actions. Each user can compare the incoming string with the one stored in the session to assert whether the request is coming from within the application or from a malicious external source. What mechanism can we use to pass this string around? Passing as params to the actions ,may not be an option as it can be seen in the URL. Thanks, Yash -- Posted via http://www.ruby-forum.com/.
Reasonably Related Threads
Wisdom of the Ancients
