incubator-adffaces-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Scott O'Bryan <darkar...@gmail.com>
Subject Re: PPR and session timeout
Date Wed, 19 Jul 2006 15:59:15 GMT
I'm just curious as to how keeping the session alive is a security risk 
when you basically want to re-log them in when a PPR request comes 
through <shrug>. 

Cosma Colanicchia wrote:
> Hi Venkata,
>
> I think that it wont work, because after the post the source page will
> be replaced with the PPR response. The PPR trick is based on having
> the response in another frame/window, so the javascript included in it
> can access the previous page and manipulate it instead of replacing
> the whole page.
>
> Cosma
>


Mime
View raw message