| http://www.w3.org/ns/prov#value | - Session is a bad idea for this, IMO. I would leave the ID in the query string, but just do a security check in the server if the current user has access to that ID. If the user hacks the ID then you are checking to see if they are allowed access to the new ID.
|
