Jeff Watkins <[EMAIL PROTECTED]> writes: > Jason, you have a good point. I'm surprised I never noticed it. But we don't > want to re-issue the cookie, because then if your browser is configured to > confirm cookies, you'll get a confirmation for every page load. That would > be bad.
Indeed. > It looks like I'll take your suggestion and move the expiration to the > secret token. This means a change to the data model, but I think it's the > right idea. As a workaround, I've just raised the time to 60 minutes :-) But if this is measuring inactivity time, it will be better to lower this time... I'd set the default to my apps from something between 5 to 10 minutes, depending on the size of the biggest form that needs to be filled and the number of calls that the secretary that is filling them has to pick up ;-) > I hope to get to this in the next day or two. I really like the way it this is going! :-) Very nice work Jeff! -- Jorge Godoy <[EMAIL PROTECTED]>
