[Seaside-dev] Issue 304 in seaside: caching session cookie state
codesite-noreply at google.com
codesite-noreply at google.com
Tue Jan 27 08:44:43 UTC 2009
Updates:
Owner: jfitzell
Comment #4 on issue 304 by jfitzell: caching session cookie state
http://code.google.com/p/seaside/issues/detail?id=304
If you want security from the browser being closed, you need to make sure
the links
on the first page do not contain the session key (otherwise it's in the
cache). And
that means, as far as I can see, doing the redirect that we were doing
previously, no?
What we have now is only security by obscurity.
I'll take a look at doing this by adding a cookie in the Application. We
can always
add a preference that causes the Application to do a redirect after adding
the cookie
- that should ensure security for those who want it.
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
More information about the seaside-dev
mailing list