option two is the go here - CF sees this as part of the same session.
then you can just flick the user accros when we want to secure somthing.
L.
On 3/30/06,
Ryan Sabir <[EMAIL PROTECTED]> wrote:
Heya,
Say I have a site 'http://www.mysite.com', with certain pages on it that need to be hosted under a secure address, e.g. 'https://secure.mysite.com '.
As my user is clicking through the site they go between the secure and non-secure parts of the site. How do I keep their session state intact through this? Is the only way to append the CFID and CFTOKEN variables to the URL? In which case, if the user was to say copy a URL and pass it on to a friend, then they would be sharing each others session.
What's the best practice method of doing this?
Its also an option to create a secure directory, e.g.: 'https://www.mysite.com/secure/'. But I'm pretty sure this suffers from the same problem, where the browser will treat the https as a new site and not keep the session state intact.
Any ideas?
thanks...
----------------------------------
Ryan Sabir
Technical Director
p: (02) 9274 8030
f: (02) 9274 8099
m: 0411 512 454
w: www.newgency.com
--
Lucas
http://www.thebitbucket.net
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "cfaussie" group.
To post to this group, send email to cfaussie@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/cfaussie
-~----------~----~----~----~------~----~------~--~---
