Good code. We use something just like that, so our cookies expire when all the
browser windows are closed.
Also, we use client.CFID and client.CFTOKEN so we don't have to lock. CF makes CFID
and CFTOKEN available in both session and client scope.
Chris Norloff
-- Original Message
-Original Message-
From: Todd [mailto:[EMAIL PROTECTED]]
Sent: 21 March 2002 16:36
To: CF-Talk
Subject: Client variable security (Re: The trouble with cookies ...)
Maybe I should explain what I am trying to do a little more.
I have an application that uses client variables to track sessions
By the nature of sessions they cannot be ended like that. You must require
that the user log out if they don't want that to happen.
- Original Message -
From: Todd [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, March 21, 2002 11:35 AM
Subject: Client variable security
)
-Original Message-
From: Tyler Clendenin [mailto:[EMAIL PROTECTED]]
Sent: 21 March 2002 17:17
To: CF-Talk
Subject: Re: Client variable security (Re: The trouble with cookies ...)
By the nature of sessions they cannot be ended like that. You must require
that the user log out if they don't
OK .. I tried that and it's still not working. :(
Any other ideas?
Todd
- Original Message -
From: Andy Ewings [EMAIL PROTECTED]
To: CF-Talk [EMAIL PROTECTED]
Sent: Thursday, March 21, 2002 11:44 AM
Subject: RE: Client variable security (Re: The trouble with cookies ...)
Tod
Stick
: RE: Client variable security (Re: The trouble with cookies ...)
Not strictly true. Although the set of client vars won't expire on the
server there is no reason why you can't delete the id and token on the
client by using the code that I posted on my last post. In fact Tod
almost
had it right
]]
Sent: 21 March 2002 17:52
To: CF-Talk
Subject: Re: Client variable security (Re: The trouble with cookies ...)
I don't know, i think he is looking for more of a clientside solution to it.
Maybe having a javascript that deletes the cookie for the onUnload event.
- Original Message -
From
By putting the following code in your Application.cfm it
does exactly the same thing. when you create a client var
CF puts an expirey time on the cookie equal to the time
in the CF administrator.
That's not exactly correct. The CFID and CFTOKEN cookies, by default, are
essentially
You can simply write them once, by setting the
SETCLIENTCOOKIE attribute of CFAPPLICATION to false or no, and then
creating your own CFID and CFTOKEN session cookies with the appropriate
CFID and CFTOKEN values from the Client or Session scope.
Dave Watts, CTO, Fig Leaf Software
You can simply write them once, by setting the
SETCLIENTCOOKIE attribute of CFAPPLICATION to false or
no, and then creating your own CFID and CFTOKEN session
cookies with the appropriate CFID and CFTOKEN values from
the Client or Session scope.
OK .. I've disabled
10 matches
Mail list logo
