https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17187
Bug ID: 17187
Summary: Lower the timeout preference from 139 days to 1 day
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: System Administration
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
>From sysprefs.sql: ('timeout','12000000',NULL,'Inactivity timeout for cookies
authentication (in seconds)','Integer'),
>From C4/Auth.pm: my $timeout = C4::Context->preference('timeout') || 600;
Some googling results:
The default in PHP is 1440 seconds (24 minutes).
30 minutes (=1800 secs) is the default expiration time of a cookie.
This patch proposes to lower 12 million to 1d (one day). The perfect balance
between usability and security??
Also note that we are talking about a session cookie. So end of session always
means end of game.
Who offers less ?
And what about changing current values? [Starting with: If it is null or the 12
million secs, change it.]
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
