-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Greg,
background information:
-- Cookies that expire once the browser is closed are sometimes
referred to as "tasty cookies"...so I've heard. Anyway, they are set
WITHOUT an expiration date, and thus die when the browser window is
closed.
You've come into a situation that is a prime example of why NOT to
use cookies. Let's say for instance that your user "Joe" decides he
wants a permanent cookie, he gets one, and then closes his browser
and leaves the computer. Further, user "Bob" comes to the same
computer later and goes to your site... Joe's cookie is still there.
There's no way around this. The only way "Bob" will not see "Joe's"
cookie is if Joe decided he wanted a temporary cookie.
The only way to ensure security on a public terminal is a session
variable that expires. URL vars can be seen on a public terminal,
cookies can be seen, client vars can be seen. If the requirement is
security on a public terminal, I would suggest session.
Aaron Johnson, MCSE, MCP+I
Allaire Certified ColdFusion Developer
MINDSEYE, Inc.
<phn>617.350.0339
<fax>617.350.8884
<icq>66172567
[EMAIL PROTECTED]
___________________________________________
"Never forget that only dead fish swim with
the stream." -- Malcolm Muggeridge
___________________________________________
- -----Original Message-----
From: Greg Wolfinger [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 15, 2000 2:12 PM
To: CF-Talk
Subject: cfcookie to delete cookie
Hey Guys:
Sorry about two posts in one day. I am trying to either set a cookie
that expires once the browser is closed or if the user selects at
log-in, sets a cookie that is permanent. However, I want the
permanent cookie or the cookie that expires once the browser is
closed to be overridden if someone else logs on to the web site from
the same computer.
Any Help? Thanx,
- -Greg
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
