[Catalyst] warning
Marcello Romani
mromani at ottotecnica.com
Thu Jan 24 12:26:09 GMT 2008
Octavian Rasnita ha scritto:
> From: "Marcello Romani" <mromani at ottotecnica.com>
>
>>> But if I do that and a client will close the browser without logging
>>> off, somebody else could open the browser and the app will recognize
>>> him as the owner of the account, so it could be a big security issue.
>>> That's why I need to have cookies which are not saved and used after
>>> the browser was closed.
>>>
>>> Can I set the expiry date and avoid that security risk?
>>>
>>> Thank you.
>> I'm not 100% sure, but probably you could achieve that by setting the
>> expiry date in the past.
>>
>> HTH
>
> Thanks for the idea. I will try it, although I think it might invalidate
> the cookie.
>
> Octavian
>
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
That should be the bit that will do the trick: being invalid, it will be
discarded as soon as the browser is closed, but it should remain valid
until that point.
--
Marcello Romani
Responsabile IT
Ottotecnica s.r.l.
http://www.ottotecnica.com
More information about the Catalyst
mailing list