I believe setting the useUUID setting in the cfadmin can help with such issues, if I recall correctly this also avoids the use of CFID and CFTOKEN, and uses an alternate variable instead, CFMAGIC or somehting? its been a while since I looked at this as I use UUID as default for years now so I might be completely wrong and i'm sure Dave will correct me if I am.
I wasn't aware that JessionID is browser session based, which is interesting to know, but you can get around that by generating the cookie yourself and giving it an expiry date. On Mon, Sep 12, 2011 at 5:36 PM, Dave Watts <[email protected]> wrote: > >> Should we be using jsessionids instead? Are there any problems in switching >> to them? Thanks so much. > > Generally, I prefer using JSESSIONIDs. But if you have any explicit > references to CFID and CFTOKEN in your code, those would have to > change appropriately. Also, JSESSIONID is destroyed when the user > closes the browser - CFID and CFTOKEN are not, by default. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > http://training.figleaf.com/ > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > GSA Schedule, and provides the highest caliber vendor-authorized > instruction at our training centers, online, or onsite. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347413 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
