In CF 10 Administrator, go to "Server Settings" -->"Memory Variables" & scroll down to "Session Cookie Settings". The "Session Cookie Settings" have complete control over the expires attribute for cookie.CFID & cookie.CFToken. When you set them like this: <cfset Cookie.cfid = SESSION.CFID> <cfset Cookie.cftoken = SESSION.CFToken> in OnSessionStart, the expires date gets set to the value set in "Session Cookie Settings" (minimum setting is 2 minutes) & this setting cannot be turned off. I tried using 0 and -1 to see if that would disable it from setting the expires attribute (for Cookie.cftoken & cookie.CFToken), it did not. In previous versions of CF, if you did not set the expires attribute when you set cookie.CFID and cookie.CFToken, these cookies would expire when you closed the browser, this is no longer the case for cookie.CFID and cookie.CFToken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351833 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
