|
|
|
|
|
|
by jarrett
4365 days ago
|
|
|
> Most of this frameworks enable sessions by default True, but in my experience, the major frameworks don't automatically lock out users with cookies disabled. For example, on a Rails app with no before_filter on the homepage, you can start the server and do this: echo "GET / HTTP/1.1" | nc localhost 3000
You should get back the homepage HTML. |
|
|