Bill Moseley wrote:
Unfortunately, often want to have a login form on the home page and
that page is typically static -- so can't use my token in that
situation.
How about using a variation of the token system. You have a token that's
valid for any request that you change fairly frequently - say every 5
minutes. Then you dynamically insert that into the home page.
Then to give you the effect of a static home page, use apache's mod_cache.
Finally in your login form, you accept any from the last X tokens where
X > 2 (you could've cached the page just before the token expires) up to
whatever life you want to allow.
Carl
_______________________________________________
List: [email protected]
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
