I noticed using the SignIn example that if I log into the www.mywebsite.org/AppName/#/home page, it can log in without being authenticated.
It is a problem if the person manages to enter the pages by saving the address and recalling the history without having to authenticate.
Is it a solvable problem?
Is it possible to send a SessionID and read it to verify that those who surf are authenticated?
Furthermore, is it possible to know which is the previous page that called up the current one?
It is a problem if the person manages to enter the pages by saving the address and recalling the history without having to authenticate.
Is it a solvable problem?
Is it possible to send a SessionID and read it to verify that those who surf are authenticated?
Furthermore, is it possible to know which is the previous page that called up the current one?