ESAPI Session Management

Revision as of 08:37, 11 December 2008 by Jeff Williams (talk | contribs)

Jump to: navigation, search

Feature Overview


Possible Enhancements

  • Add a secure form tag that does CSRF as well as other form protections like autocomplete
  • Separate session management API and CSRF from the Authentication and HTTP utilities
  • Add a flag to the changeSessionIdentifier method to not copy session content