Does anyone know of any good tutorials/articles about locking down a site that uses Client variables for security? My boss seems to think Session variables are the way to go and wants to go through the headache of converting all of the Client Variables in our rather large intranet to session variables. Obviously, I don't want to do this because I just know about 30 things are going to break. I'm of the opinion that there it mostly doesn't matter which I use as long as everything is done right.
One of the main concerns he has is what if someone closes the browser without logging off. I gave him a way that could be taken care of. He asked, won't that kill their session on all of the browsers they have open on our site? I said, yep. He said, I don't want that. Anyone have any ideas for me? Todd ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
