Plus there's no session->destroy method, so how can I log out a user
properly?
On 03/03/2013 06:02 PM, Punter wrote:
What if a website's ethical policy is that it doesn't track users
after they've logged-out?
How can it prove that to the users, if it installs a new cookie then?
On 03/03/2013 05:55 PM, Rik Brown wrote:
That sounds like it's working correctly. You got a new empty session and
a cookie for it. I don't think it's expected that you won't get a cookie
if your session is empty.
Cheers,
Rik
Sent from my phone.
On 3 Mar 2013 15:53, "Punter" <[email protected]
<mailto:[email protected]>> wrote:
Ok.
I went to the Database and deleted the session for which I had a
cookie, and next time I loaded a page I got ANOTHER cookie, for a
new (empty) session.
This, I believe, is a bug.
On 03/03/2013 01:42 PM, David Precious wrote:
On Sun, 03 Mar 2013 02:29:47 +0200
Punter <[email protected] <mailto:[email protected]>> wrote:
Now whenever I do a page any view, I get a "this website
wants to set
a cookie" message
It shouldn't be like that. If cookie values don't change,
then they
should only be set once.
Except that, if you don't send the Set-Cookie header again each
time,
the cookie's expiration can't be updated - most people want a
session
expiry to be extended with each request, so it times out the
right
amount of time after the last request, rather than the last
time the
session data was updated.
I think this is quite common and correct behaviour.
_________________________________________________
dancer-users mailing list
[email protected] <mailto:[email protected]>
http://lists.preshweb.co.uk/__mailman/listinfo/dancer-users
<http://lists.preshweb.co.uk/mailman/listinfo/dancer-users>
_______________________________________________
dancer-users mailing list
[email protected]
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
_______________________________________________
dancer-users mailing list
[email protected]
http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
