From mboxrd@z Thu Jan  1 00:00:00 1970
Delivered-To: chneukirchen@gmail.com
Received: by 10.229.49.16 with SMTP id t16cs178915qcf; Sun, 3 Oct 2010
 10:03:27 -0700 (PDT)
Return-Path: <rack-devel+bncCP_V2_zRBRDd7qLlBBoEJFIlIQ@googlegroups.com>
Received-SPF: pass (google.com: domain of
 rack-devel+bncCP_V2_zRBRDd7qLlBBoEJFIlIQ@googlegroups.com designates
 10.229.2.132 as permitted sender) client-ip=10.229.2.132;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of
 rack-devel+bncCP_V2_zRBRDd7qLlBBoEJFIlIQ@googlegroups.com designates
 10.229.2.132 as permitted sender)
 smtp.mail=rack-devel+bncCP_V2_zRBRDd7qLlBBoEJFIlIQ@googlegroups.com;
 dkim=pass header.i=rack-devel+bncCP_V2_zRBRDd7qLlBBoEJFIlIQ@googlegroups.com
Received: from mr.google.com ([10.229.2.132]) by 10.229.2.132 with SMTP id
 4mr3082369qcj.25.1286125407341 (num_hops = 1); Sun, 03 Oct 2010 10:03:27
 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com;
 s=beta; h=domainkey-signature:received:x-beenthere:received:received:received
 :received:received-spf:received:received:received:from:subject:date
 :message-id:to:mime-version:x-mailer:x-original-sender
 :x-original-authentication-results:reply-to:precedence:mailing-list
 :list-id:list-post:list-help:list-archive:sender:list-subscribe
 :list-unsubscribe:content-type:content-transfer-encoding;
 bh=lg3+GHtid8XqqZUnUpKMvyLEcllhAGjTC/tSfmLoV/Q=;
 b=yhO3YV10x2hcC4N2P232T+NT5TFYTapRd43fKP76aaZSvKLfqEz4A1XUY/zD8u+mSb
 holbd9vPcKqujTakukbJ54HZMoqL4o3Dz37+JjWzCnpc4heDwl5ZBXTmxACyFUz9yGlY
 JmZLc4H9VV6QqlOj5cGC/ZGDqAdOISP6SCR1o=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlegroups.com; s=beta;
 h=x-beenthere:received-spf:from:subject:date:message-id:to
 :mime-version:x-mailer:x-original-sender
 :x-original-authentication-results:reply-to:precedence:mailing-list
 :list-id:list-post:list-help:list-archive:sender:list-subscribe
 :list-unsubscribe:content-type:content-transfer-encoding;
 b=ETlnjwSDKXeZzMR25p7nXJJzRwnYaBWG18LvhNh/nk32ZPFKKxNE98ykmQeNbUCN2k
 fPWHqK3nKnMNVCS4OcDHPkuyIYhzgOng0ewU/Z1Dlkq1bJWkMIBPVSgAPOpyq3NzMn1m
 g42shppVcC6JOiBxmEERvRKWYd8nPp5hUFOes=
Received: by 10.229.2.132 with SMTP id 4mr603281qcj.25.1286125405854; Sun, 03
 Oct 2010 10:03:25 -0700 (PDT)
X-BeenThere: rack-devel@googlegroups.com
Received: by 10.224.66.218 with SMTP id o26ls1222195qai.3.p; Sun, 03 Oct 2010
 10:03:25 -0700 (PDT)
Received: by 10.224.45.139 with SMTP id e11mr2230543qaf.15.1286125405225;
 Sun, 03 Oct 2010 10:03:25 -0700 (PDT)
Received: by 10.224.45.139 with SMTP id e11mr2230541qaf.15.1286125405199;
 Sun, 03 Oct 2010 10:03:25 -0700 (PDT)
Received: from mail-qy0-f172.google.com (mail-qy0-f172.google.com
 [209.85.216.172]) by gmr-mx.google.com with ESMTP id
 x2si2167922qcq.11.2010.10.03.10.03.24; Sun, 03 Oct 2010 10:03:24 -0700 (PDT)
Received-SPF: pass (google.com: domain of jftucker@gmail.com designates
 209.85.216.172 as permitted sender) client-ip=209.85.216.172;
Received: by mail-qy0-f172.google.com with SMTP id 5so33875qyk.3 for
 <rack-devel@googlegroups.com>; Sun, 03 Oct 2010 10:03:24 -0700 (PDT)
Received: by 10.229.214.73 with SMTP id gz9mr6077609qcb.167.1286125401225;
 Sun, 03 Oct 2010 10:03:21 -0700 (PDT)
Received: from [192.168.101.4] ([199.172.203.5]) by mx.google.com with ESMTPS
 id l13sm4237442qck.7.2010.10.03.10.03.19 (version=TLSv1/SSLv3
 cipher=RC4-MD5); Sun, 03 Oct 2010 10:03:20 -0700 (PDT)
From: James Tucker <jftucker@gmail.com>
Subject: Should we continue to support session in params?
Date: Sun, 3 Oct 2010 14:03:17 -0300
Message-Id: <979DB45B-64D5-40F9-9592-F0CC0126E007@gmail.com>
To: rack-devel@googlegroups.com
Mime-Version: 1.0 (Apple Message framework v1081)
X-Mailer: Apple Mail (2.1081)
X-Original-Sender: jftucker@gmail.com
X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com:
 domain of jftucker@gmail.com designates 209.85.216.172 as permitted sender)
 smtp.mail=jftucker@gmail.com; dkim=pass (test mode) header.i=@gmail.com
Reply-To: rack-devel@googlegroups.com
Precedence: list
Mailing-list: list rack-devel@googlegroups.com; contact
 rack-devel+owners@googlegroups.com
List-ID: <rack-devel.googlegroups.com>
List-Post: <http://groups.google.com/group/rack-devel/post?hl=en_US>,
 <mailto:rack-devel@googlegroups.com>
List-Help: <http://groups.google.com/support/?hl=en_US>,
 <mailto:rack-devel+help@googlegroups.com>
List-Archive: <http://groups.google.com/group/rack-devel?hl=en_US>
Sender: rack-devel@googlegroups.com
List-Subscribe:
 <http://groups.google.com/group/rack-devel/subscribe?hl=en_US>,
 <mailto:rack-devel+subscribe@googlegroups.com>
List-Unsubscribe:
 <http://groups.google.com/group/rack-devel/subscribe?hl=en_US>,
 <mailto:rack-devel+unsubscribe@googlegroups.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

There's an option in the sessions infrastructure to support sessions via =
params. It's untested anywhere except in the memcache session specs. I'd =
like to remove it as it's nothing but an optional security hole. I can't =
imagine anyone using this for anything sane, but I'm checking here in =
case I'm wrong.=