Correct. The cookie is not there, so when the browser comes to the site, it will have no cookies, so the CFapplication tag will assign it the cookies.
This will have zero effect on current logged in users. At 04:42 PM 3/20/2002 -0500, you wrote: >OK .. so if 1 browser closes, it won't mess up the client session of another >one that is logged in to the same site? > >Todd > >----- Original Message ----- >From: "Nick McClure" <[EMAIL PROTECTED]> >To: "CF-Community" <[EMAIL PROTECTED]> >Sent: Wednesday, March 20, 2002 4:32 PM >Subject: Re: Using Client Variables for security > > > > You don't have to delete the cookies, just reset them! > > > > <cfcookie name="cfid" value="#cookie.cfid#"> > > <cfcookie name="cftoken" value="#cookie.cftoken#"> > > > > notice the lack of the expires tag. this should remove the dates from the > > cookies, which will cause the to expire when the browser is closed. > > > > At 04:21 PM 3/20/2002 -0500, you wrote: > > >I prefer them too and we are using them in a database. The problem is, >some > > >dude with level 4 access closes the browser without logging off. Someone > > >comes along within the 1 hour timeout limit and opens the browser and > > >suddenly has access to level 4 commands, because they hijacked the >identity > > >of the other guy. Now, when the browser closes, I can delete the >cookies, > > >but that would ruin the session for the other browsers that are open in >the > > >site .. this is a bad thing. > > > > > >Any idea how I can kill Client variable session when closing a browser > > >without killing all sessions for all browsers? > > > > > >Todd > > ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
