Learn something new every day. I really hadn't thought much about how the session variables were held.
I appreciate the insight that you and Dave gave me. Thanks! -----Original Message----- From: Jason Fisher [mailto:ja...@wanax.com] Sent: Friday, April 01, 2011 1:35 PM To: cf-talk Subject: RE: Session Variable question Like Dave said, CF / J2EE already are using cookies, but there's a difference between cookies held only in the browser (expires when browser closes) and cookies that are written to the user's HDD. If you're using session or client vars, then you're already using 1 of these, and probably both. Setting CFCOOKIE with no expiration is a browser-level cookie; no user files necessary. ---------------------------------------- From: "CraigSell" <craigs...@charter.net> Sent: Friday, April 01, 2011 2:03 PM To: "cf-talk" <cf-talk@houseoffusion.com> Subject: RE: Session Variable question I really didn't want to use any kind of cookie. I have data in the session variables I don't want compromised in any way. I was just hoping the J2EE solution would be a magic bullet. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:343479 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm