Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search

[REBOL] Re: RWT: Cookies

From: rebol:laurent-chevalier at: 5-Mar-2003 8:24

Hi Petr, I'm using this function to generate unique and secure session ID in my rsp.cgi : build-id: has [ id ][ random/seed join now/precise either config/log-path [ checksum read config/log-path ][ checksum to-string now/precise ] until [ id: make string! (config/session-key-length + 5) loop config/session-key-length [ append id first random ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ] not exists? to-file rejoin [config/session-dir id ext] ] id ] Note the definition of a unique seed with random/seed to avoid repetition of ID. I'm getting entropy that to checksum read configl/log-path that depends on the users of the service and so can be guess by any hacker. See the code and documentation at Regards, Laurent Maarten Koopmans wrote: