Thanks.

-----Original Message-----
From: webguy [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 27, 2003 12:31 PM
To: CF-Talk
Subject: RE: Session Swapping


This is because the expire time is set to now() by default.

WG

> -----Original Message-----
> From: Andy Ousterhout [mailto:[EMAIL PROTECTED]]
> Sent: 27 January 2003 18:19
> To: CF-Talk
> Subject: RE: Session Swapping
>
>
> Dimo,
>
> I don't understand how this ensures that cookies are terminated on browser
> close.  It just looks like you are just resaving the same token. Would you
> explain how this works?
>
> Andy
>
> -----Original Message-----
> From: Dimo Michailov [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 27, 2003 12:04 PM
> To: CF-Talk
> Subject: Re: Session Swapping
>
>
> Hi Robert:
>
> A quick tip, we had a situation with mixed session identities not long
> ago. The reason - ghost-ing machines which had a CFID/CFTOKEN cookie, so
> all ghosted machines had the same cookie - same identity of swapped
> identities in the middle of session.
>
> Also, putting this in your Application.cfm would make sure that these
> cookies are terminated upon browser close;
>
> <cfif IsDefined( "Cookie.CFID" ) AND IsDefined( "Cookie.CFTOKEN" )>
>     <cfset tmpCFID = Cookie.CFID>
>     <cfset tmpCFTOKEN = Cookie.CFTOKEN>
>     <cfcookie name="CFID" value="#tmpCFID#">
>     <cfcookie name="CFTOKEN" value="#tmpCFTOKEN#">
> </cfif>
>
>
> Hope that helps,
>
> Dimo Michailov
>
>
> Robert Shaw wrote:
> > Hi,
> > Using CF 5 we switched from client vars to session and now we're seeing
> > session swapping (login as one account and see data from another's). Any
> > tips on what might be happening and why we'd be seeing this? I imagine
> > it's tied to the switching.
> >
> > TIA,
> > Rob
> >
> >
> >
> >
> >
> >
>
>

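An added example, not part of the thread: a Python check that reads `Set-Cookie` response headers and reports whether the CFID/CFTOKEN cookies are persistent (they survive a browser close and get copied along with a ghosted disk image) or session-only. The function names and the sample header values are constructed for illustration.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

SESSION_ID_COOKIES = {"CFID", "CFTOKEN"}  # cookie names taken from the thread


def cookie_lifetime(set_cookie, now):
    """Return (name, kind); kind is 'session', 'persistent' or 'expired'."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()

    # Max-Age takes precedence over Expires when both are present.
    if "max-age" in attrs:
        try:
            return name, "persistent" if int(attrs["max-age"]) > 0 else "expired"
        except ValueError:
            pass  # an unparsable Max-Age is ignored
    if "expires" in attrs:
        try:
            when = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return name, "session"  # unparsable date: treated as no expiry
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)
        return name, "persistent" if when > now else "expired"
    return name, "session"  # no expiry attribute: dropped on browser close


def persistent_session_ids(set_cookie_headers, now=None):
    """Names of session-identifier cookies that outlive the browser session."""
    now = now or datetime.now(timezone.utc)
    flagged = []
    for header in set_cookie_headers:
        name, kind = cookie_lifetime(header, now)
        if name.upper() in SESSION_ID_COOKIES and kind == "persistent":
            flagged.append(name)
    return flagged


# Constructed sample headers: with a far-future expiry, then re-issued without one.
BEFORE = ["CFID=1201; expires=Thu, 27 Jan 2033 18:04:00 GMT; path=/",
          "CFTOKEN=58291034; expires=Thu, 27 Jan 2033 18:04:00 GMT; path=/"]
AFTER = ["CFID=1201; path=/", "CFTOKEN=58291034; path=/"]

if __name__ == "__main__":
    print("before:", persistent_session_ids(BEFORE))
    print("after: ", persistent_session_ids(AFTER))
```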