That would work for storing CFID & CFTOKEN somewhere, but how then is the client identified each time he comes back during the session?
Is there a "hidden" cookie (session cookie) that CF uses to identify the browser if it doesn't set the regular cookies? thx Chris Norloff ---------- Original Message ---------------------------------- from: "Pannkuk, Nathan S." <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] date: Mon, 29 Oct 2001 10:53:41 -0900 >Chris- >Someone please tell me if I'm wrong, but I don't believe you need to use >cfcookie at all. You should be able to use CFID and CFTOKEN as session >variables that will be stored in the server's RAM until you expire them. >CFID and CFTOKEN will be set automatically with sessionmanagement set to >"Yes". This should work even if the client has disabled cookies. >-Nathan > > >-----Original Message----- >From: Chris Norloff [mailto:[EMAIL PROTECTED]] >Sent: Monday, October 29, 2001 10:45 AM >To: CF-Talk >Subject: session cookies for CFID & CFTOKEN > > >Our customer has discovered the CFID & CFTOKEN cookies, again, and gotten >upset, again. We're being gigged on "persistent cookies" and how there's >not supposed to be any tracking going on. > >Besides the obvious bit about CFID & CFTOKEN not being anti-privacy tracking >information, I thought I'd try session cookies (expiring at the end of the >browser session). > >So I set setclientcookies to no, and used the client CFID & CFTOKEN vars to >set my own cookies that expire at the end of the session (see code below). > >This seems simple and robust - anyone have any comments or concerns? > >thanks, >Chris Norloff >Dangerous Persistent-Cookie-Setter > > ><cfapplication name="applicationname" > sessionmanagement="Yes" > sessiontimeout="#CreateTimeSpan(2,0,0,0)#" > applicationtimeout="#CreateTimeSpan(1,0,0,0)#" > setclientcookies="No" > clientmanagement="Yes" >> ><cfcookie name="CFID" value="#client.CFID#"> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists