Y
Hacker News
new
|
ask
|
show
|
jobs
by
ebiester
1140 days ago
Sure. You maintain the entire application state in session scope or some sort of internal state. It was possible, but it was hell.
1 comments
PaulHoule
1140 days ago
Or the other way around, you keep as much as you can on the client but use nonces in critical requests to prevent (accidental) replays.
link