#5985: Decouple cookie_lifetime from security level
-------------------------+--------------------------------------------------
Reporter: PHPdiddy | Owner:
Type: RFC | Status: reopened
Priority: High | Milestone: 1.2.x.x
Component: Session | Version: 1.2 Final
Severity: Major | Resolution:
Keywords: | Php_version: PHP 5
Cake_version: |
-------------------------+--------------------------------------------------
Changes (by PHPdiddy):
* status: closed => reopened
* resolution: worksforme =>
Comment:
After discussing this in the IRC channel, this is something that should be
addressed.
It seems that the consensus would be to add another config value to
core.php such as Session.cookie_lifetime to enforce what the lifetime of a
cookie is regardless of the security level. This is a way to ensure that
session cookies are removed after browser close, even in lower security
levels.
--
Ticket URL: <https://trac.cakephp.org/ticket/5985#comment:2>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
