> > secure section on my site you need to login to. I can
> > set up a logout linkto end a session. I can end a
> > session if the user closes the browser. my question
> > is, is there a way to kill or end the session if the
> > user navigates outside of my domain? For example, a
> > user is logged in on my site and clicks his home
> > button. Is there a way to end the session at that
> > point?
>
> As there is no responce to my original question, am i to
> determine that this either can not be done, or it is just
> that nobody on this list knows the answer?
As Jochem pointed out, you can not do this reliably with web applications.
This has nothing to do with ColdFusion, per se, but rather with the very
nature of HTTP.
You can implement a client-side solution using _javascript_, but you can't
guarantee that it will work in all cases, and if your goal is security, it
would probably have to work in all cases to be effective.
Why exactly do you want to log the user out if she goes to a different page,
anyway? What if the user clicks the "home" button by mistake?
For most applications, it's sufficient to ensure that the session is
disconnected when the user closes her browser. You can do this by creating
"session" cookies which are destroyed when the browser is closed.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
phone: 202-797-5496
fax: 202-797-5444
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
