[Catalyst] warning

Marcello Romani mromani at ottotecnica.com
Thu Jan 24 10:25:59 GMT 2008


Octavian Rasnita wrote:
> From: <Wade.Stuart at fallon.com>
>>
>>      Try setting the cookie to a more reasonable second count (1 day) and
>> see if that resolves your issue.  All of the browsers handle extended
>> cookies a bit differently and while one setting may work on IE, the same
>> may cause a nocookie on firefox.  I really believe your problem is one of
>> cookie expiration (or content length) and not one where you have to mess
>> around setting the domain again (that problem is solved for you -- stop
>> looking for zebras).
> 
> But if I do that and a client will close the browser without logging 
> off, somebody else could open the browser and the app will recognize him 
> as the owner of the account, so it could be a big security issue.
> That's why I need to have cookies which are not saved and used after the 
> browser was closed.
> 
> Can I set the expiry date and avoid that security risk?
> 
> Thank you.
> 
> Octavian
> 
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
> 

I'm not 100% sure, but probably you could achieve that by setting the 
expiry date in the past.

HTH

-- 
Marcello Romani
IT Manager
Ottotecnica s.r.l.
http://www.ottotecnica.com
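
How a browser following RFC 6265 treats the expiry choices raised in this thread (no expiry, a future expiry, an expiry in the past), as an added example that is not part of the original messages. The cookie name, value and clock below are constructed sample data.

```python
from datetime import datetime, timedelta, timezone
from email.utils import format_datetime, parsedate_to_datetime


def cookie_lifetime(set_cookie: str, now: datetime) -> str:
    """Classify a Set-Cookie value as a browser following RFC 6265 would.

    "session":    no expiry, held in memory and dropped when the browser closes
    "persistent": stored until the expiry time, so it survives a browser restart
    "deleted":    expiry is not in the future, so the cookie is removed at once
    """
    max_age = expires = None
    # The first segment is name=value; everything after it is an attribute.
    for attr in set_cookie.split(";")[1:]:
        name, _, value = attr.strip().partition("=")
        try:
            if name.strip().lower() == "max-age":
                max_age = int(value.strip())
            elif name.strip().lower() == "expires":
                expires = parsedate_to_datetime(value.strip())
                if expires.tzinfo is None:  # treat a zone-less date as UTC
                    expires = expires.replace(tzinfo=timezone.utc)
        except (TypeError, ValueError):
            continue  # an attribute that does not parse is ignored
    if max_age is not None:  # Max-Age takes precedence over Expires
        expiry = now + timedelta(seconds=max(max_age, 0))
    elif expires is not None:
        expiry = expires
    else:
        return "session"
    return "persistent" if expiry > now else "deleted"


# Constructed sample data: cookie name, value and clock are made up.
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
FUTURE = format_datetime(NOW + timedelta(days=1), usegmt=True)
PAST = format_datetime(NOW - timedelta(days=1), usegmt=True)
SAMPLES = {
    "no expiry": "sid=abc123; Path=/; HttpOnly",
    "future expiry": f"sid=abc123; Expires={FUTURE}; Path=/; HttpOnly",
    "past expiry": f"sid=abc123; Expires={PAST}; Path=/; HttpOnly",
    "both set": f"sid=abc123; Max-Age=86400; Expires={PAST}; Path=/",
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(f"{label:14} -> {cookie_lifetime(header, NOW)}")
```

Browsers that restore the previous session on startup can keep session cookies alive across a restart, so a server-side idle timeout on the session is still needed for shared machines.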
