Gundersen, Richard:
Hi
Is there some trick (javascript, headers etc) that I can incorporate
into my web app to force a new session each time for Firefox users? I've
seen a few online banking websites have pulled it off, but no idea how.
Is there anything I can look for in the headers, HTTP request etc that I
can examine and say 'hey, this request is coming from a different
browser window from the last one'?
You can mark a session stale if you haven't received within a certain
time any input by the user. Also you can use either frames or AJAX keep
the user within one page in order to detect when the user tries to move
away from the page. By using the function onbeforeunload you could
remove the session.
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: [EMAIL PROTECTED]
Blog: https://blog.startcom.org
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
