Skip to main content
Completed

Ability to access Client IP adress

Related products:Indicium Service Tier
Bas
  • Bas
    Bas
Bas
Vanguard
  • BasVanguard
  • Vanguard
  • 19 replies

When we need to provide API access to our data we want to ensure that the connection is secure. We utilize session_id’s to achieve this.

Currently, we lack the ability prevent session hijacking or session ID guessing because we can't bind session_id with other client properties, like the IP address or User-Agent.

https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#binding-the-session-id-to-other-user-properties

Did this topic help you find an answer to your question?

4 replies

Jasper
Superhero
  • JasperSuperhero
  • 678 replies
  • December 9, 2020
Updated idea status NewPlanned
Jasper
Superhero
  • JasperSuperhero
  • 678 replies
  • December 9, 2020

Hi Bas, 

We have already planned this for the 2021.2 release, scheduled for April, by expanding the default session variables with information of not only the user's language, but also the IP address, time zone and more!

Bas
Vanguard
Forum|alt.badge.img+3
  • BasVanguard
  • Author
  • Vanguard
  • 19 replies
  • September 29, 2021

Hi,

thinks this issue can be marked as resolved. 

Documentation about this feature can be found here

https://docs.thinkwisesoftware.com/docs/sf/business_logic/#generated-session-variables

Mark Jongeling
1 person likes this
  • Mark Jongeling
    Mark Jongeling
Mark Jongeling
Administrator
Forum|alt.badge.img+23
  • Mark Jongeling
  • Administrator
  • 3946 replies
  • September 29, 2021
Updated idea statusPlannedCompleted
"Wake me up before you low-code" | On holiday 06-02 till 27-06

Reply


Terms & ConditionsCookie settingsAccessibility statement

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings