perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Piner <ste...@marketview.co.nz>
Subject Re: Question...
Date Wed, 13 Feb 2002 20:02:33 GMT

Do you need to expire the cookie when you leave the page? How about the
following.

When they login, you send down a cookie. when they go to that page, you
check the cookie they sent, but send out a new value for that cookie,
invalidating it. So when they leave that page they send back your
invalid cookie.

When they go back to the page, they'll send the invalid cookie, and you
can then prompt them to log in or whatever.

You'll get the invalid cookie sent back for images on that page, but
that usually isn't a problem.

Steve Piner


Ryan Parr wrote:
> 
> I think I'm missing something...
> 
> If you set a session cookie (i.e. one with no expiry time) then the cookie
> will be deleted immediately upon browser close, forcing the user to login
> again if they've closed their browser instance.
> 
> If you don't use cookies and allow basic auth then the exact same behavior
> is called, forcing the user to re-login only if they've closed that browser
> instance.
> 
> Is there someway to expire cookies on page leave, or is this the smartass
> thing you were referring to? :)
> 
> -- Ryan Parr
> 
> ----- Original Message -----
> From: "Jon Robison" <jrobison@uniphied.com>
> To: "Ron Beck" <rbeck@tqtx.com>
> Cc: <modperl@apache.org>
> Sent: Tuesday, February 12, 2002 12:28 PM
> Subject: Re: Question...
> 
> > Cookies!
> >
> > /me is in smartass mode today.
> >
> > --Jon
> >
> > Ron Beck wrote:
> > >
> > > Hello all,
> > > I need to know how to clear the $ENV variables.  For example, I use a
> > > .htaccess file for specific directories which requires the user to enter
> > > userID and password.  When they exit the page, I want them to have to
> > > re-enter userID and passwd if they enter the page again.  Does anyone
> > > know how this is accomplished?
> > >
> > > TIA,
> > > Ron

Mime
View raw message