"Octavian Rasnita" <[EMAIL PROTECTED]> wrote on 01/23/2008 12:23:48 PM:
> From: <[EMAIL PROTECTED]> > > > > Try setting the cookie to a more reasonable second count (1 day) and > > see if that resolves your issue. All of the browsers handle extended > > cookies a bit differently and while one setting may work on IE, the smae > > may cause a nocookie on firefox. I really believe your problem is one of > > cookie expiration (or content length) and not one where you have to mess > > around setting the domain again (that problem is solved for you -- stop > > looking for zebras). > > But if I do that and a client will close the browser without logging off, > somebody else could open the browser and the app will recognize him as the > owner of the account, so it could be a big security issue. > That's why I need to have cookies which are not saved and used after the > browser was closed. > > Can I set the expiry date and avoid that security risk? > > Thank you. > > Octavian Octavian, diagnose the issue. See if setting the cookie to a reasonable second count fixes the issue. See if it is a expiry issue or something else. I am not asking you to redesign your app -- just pinpoint the issue without assuming it is the domain setting in the cookie. _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
