> -----Original Message----- > From: Jeremy [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 21 April 2004 1:17 PM > To: CFAussie Mailing List > Subject: [cfaussie] Application Logout > > > Hey, > > Really quick question. I have an application that logs out > people when the > browser settings in the security section is set to high. It basically > things that every page is a new page with no session.
When you say that the security section is set to 'high', do you actually mean the privacy section? The security section lets you class sites as 'internet', 'intranet', 'trusted', and 'restricted'. If your site has been set to restricted, then you're fresh out of luck. The privacy section deals with settings like 'low', 'medium', 'high', 'accept all', and 'block all'. These settings all deal with how cookies are accepted by the browser. By default, your sessions are managed by cookies, and this effects whether users are logged in or not. If you can't set cookies because they have paranoid setting turned on, then you'll have to use something other than cookies for session management. You'll have to pass around big messy URL parameters that keep the CFID and CFTOKEN values passing around. If you miss one link anywhere and don't pass these values, you will log the users out when they move through this point. Is this sounding like the problem you have? > Is there a way to override the settings in the browser? OR a > bit of code > to put in the Applicaiton.cfm to ignore the security settings of the > browser. If there were, this would class as a major security hole in the browser. If the user has some desperate desire to cripple their browser with a 'high' security setting, then there should be absolutely no way that any mere web page that the browser visits should be able to override this. Regards Darren Tracey --- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED] MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
