Actually, the difference in this case is that session-based cookies get
deleted when a user shuts down their browser. Check out IE's security
config, which allows you to accept only session-based cookies.
Of course, since CF's session-based cookies have an expiry set on them I'm
assuming they are being passed with an explicit expiry date/time stamp,
which is the cause of our grief.
Any workarounds?
Thanks,
Sean
> -----Original Message-----
> From: Stephen Moretti (IVL Onsite) [mailto:[EMAIL PROTECTED]]
> Sent: September 5, 2000 9:33 AM
> To: fusebox
> Subject: Re: but urgent! Setting Cookies that aren't stored on a user's
> hard drive?
>
>
> Hi Sean,
>
> >
> > Now they want to set it enabling only session-based cookies, not hard
> drive
> > stored cookies. I've tried this but so far it doesn't work for the
> > CFID/CFToken cookies.
> >
> > Is there any way to get these cookies to be session-based?
> >
>
> There's no differentiation between session and "hard drive" cookies - they
> are the same thing.
>
> What you're going to have to do, if they insist on turning off
> cookies, is
> make sure that you include URLToken (which contains both the CFID and
> CFTOKEN) onto every link, form (in the action), CFLOCATION, Javascript
> redirect etc.
>
> Sessions are either maintained using cookies or URL variables and it is
> usually recommended that you do both to catch the user that has their
> cookies switched off.
>
> That will solve your problems...
>
> Regards
>
> Stephen
>
> ------------------------------------------------------------------
> ------------
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fu
> sebox or send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body.
>
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
