-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Roger,
Roger Varley wrote: > I'm sure that I've read that it's possible, using Javascript, to > detect if a client closes the browser & if that's true, then you could > use an AJAX call to invalidate the session. This is possible, but you can't bet on it actually working. The user might have javascript disabled, or the browser may not fire javascript events as it's closing itself entirely (instead of just closing one window, for instance). Basically, the only reliable way to destroy a session is to wait for it to time out (unless the user explicitly logs out, of course). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGZWnT9CaO5/Lv0PARAr7sAKCwRHe0YRnmJ2VvE1m73OIxkthBPgCgrp/f 7quPP1ZU7RT0rN3M6fqe2jI= =AvW9 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
