ASP.NET Session Mix-up using StateServer (SCARY!)

Question

We store two objects in session. Somehow, one of the objects from another user got loaded into a different user\'s session. The user should have had no access to this partic

Answer 1

Could the two crossed users both be using the same cacheing proxy? If so, then one user might see data that was cached for another user if the URLs matched, especially if the proxy isn't well behaved.

Wasn't this the main problem with the Google Web Accelerator project (now discontinued)?