Dear Rails enthusiants,
I'm currently developing a web app that allows each user to modify his
own page, but what I worry is cross-site scripting vulnerabilities,
especially cookie replay/session hijacking.
What I worry is that if a user creates a page and fetches the current
cookie, and save it somewhere else. The user who visits the page
doesn't know about that.
I wonder what's the solution for this. Thank you in advance.