hm i am realy sure that i dont delete it, but i posted a pic in our guild forums. After 1-2 hours someone told me that he was logged in as neko when he opens the link o.O
he deleted the link XD but maybe someone deleted the pic the somehow ... bluub, i simple reposted the pic, so its ok now ^^
baba ~ neko
My favorite browser (IE -_-) tends to put the session ID behind the URL in the location... NEVER
post a link to this page if it contains the session id (some cryptic 32bit number). It's really your (and your browsers) own fault if you do that.
The server uses the session ID to identify you, if someone knows your session ID, he can theoretically gain access to your data (well not really, he can be logged in as you, but he cannot see your password). So what happens is:
1. you're logged in with a certain session ID
2. you post a link to this page containing that session ID
3. someone clicks that before your session ends
4. the server identifies that person as yourself via the session ID
I guess my security around that isn't too tight, but it's pretty much standard. By guessing a session ID (as I said it's 32 bit, so guessing it is so unlikely you can't even imagine), you can gain access to a lot of websites that use sessions. So always check the links you're posting, even though the Internet Explorer is the only browser I know that acts stupid like that, it might happen in other browsers too, so be careful.