By putting the following code in your Application.cfm it does exactly the
same thing. when you create a client var CF puts an expirey time on the
cookie equal to the time in the CF administrator. If you want it to expire
when the browser closes then this will do it:
<cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
<cfset cfid_local = Cookie.CFID>
<cfset cftoken_local = Cookie.CFTOKEN>
<cfcookie name="CFID" value="#cfid_local#">
<cfcookie name="CFTOKEN" value="#cftoken_local#">
</cfif>
-----Original Message-----
From: Tyler Clendenin [mailto:[EMAIL PROTECTED]]
Sent: 21 March 2002 17:52
To: CF-Talk
Subject: Re: Client variable security (Re: The trouble with cookies ...)
I don't know, i think he is looking for more of a clientside solution to it.
Maybe having a javascript that deletes the cookie for the onUnload event.
----- Original Message -----
From: "Andy Ewings" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, March 21, 2002 12:16 PM
Subject: RE: Client variable security (Re: The trouble with cookies ...)
> Not strictly true. Although the set of client vars won't expire on the
> server there is no reason why you can't delete the id and token on the
> client by using the code that I posted on my last post. In fact Tod
almost
> had it right initially - just didn't use local vars (2 extra lines of
code)
>
> -----Original Message-----
> From: Tyler Clendenin [mailto:[EMAIL PROTECTED]]
> Sent: 21 March 2002 17:17
> To: CF-Talk
> Subject: Re: Client variable security (Re: The trouble with cookies ...)
>
>
> By the nature of sessions they cannot be ended like that. You must
require
> that the user log out if they don't want that to happen.
>
> ----- Original Message -----
> From: "Todd" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Thursday, March 21, 2002 11:35 AM
> Subject: Client variable security (Re: The trouble with cookies ...)
>
>
> > Maybe I should explain what I am trying to do a little more.
> >
> > I have an application that uses client variables to track sessions and
> > provide security. If a user loggs out, everything is fine. If a user
is
> > idle for more than an hour, everything is fine. If a user closes their
> > browser and someone comes along behind them and opens a broswer and goes
> to
> > the same place, the session is still active and they don't have to log
in.
> > What I need is a way to end the seeion when the browser is closed.
> >
> > Todd
> >
> > ----- Original Message -----
> > From: "Russel Madere" <[EMAIL PROTECTED]>
> > To: "CF-Talk" <[EMAIL PROTECTED]>
> > Sent: Thursday, March 21, 2002 11:08 AM
> > Subject: RE: The trouble with cookies ...
> >
> >
> > > Try adding the expires="NOW" attribute to the call.
> > >
> > > <cfcookie name="cfid" value="#cookie.cfid#" expires="NOW">
> > >
> > > Russel
> > >
> > > > -----Original Message-----
> > > > From: Todd [mailto:[EMAIL PROTECTED]]
> > > > Sent: Thursday, March 21, 2002 9:58 AM
> > > > To: CF-Talk
> > > > Subject: Fw: The trouble with cookies ...
> > > >
> > > >
> > > > Is that I can't get them to expire when the browser is closed.
> > > >
> > > > I've got this code:
> > > >
> > > > <cfif IsDefined("Cookie.CFID") AND IsDefined("Cookie.CFTOKEN")>
> > > > <cfcookie name="cfid" value="#cookie.cfid#">
> > > > <cfcookie name="cftoken" value="#cookie.cftoken#">
> > > > </cfif>
> > > >
> > > > but it doesn't seem to do anything. I close my browser, open it
back
> > up,
> > > > and am still able to read the cookies.
> > > >
> > > > Any suggestions?
> > > >
> > > > Todd
> >
> >
>
>
______________________________________________________________________
This list and all House of Fusion resources hosted by CFHosting.com. The place for
dependable ColdFusion Hosting.
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
