Ask a Question related to Coldfusion - Advanced Techniques, Design and Development.
-
grease #1
SESSION and browser close
I have written a shopping cart application which kills all SESSION vars when
the browser is closed. However, despite it working correctly on my local
development server, once uploaded to thte live environment, it maintains the
SESSION which, in a shoppingcart application provides a security risk. I have
used the tried and tested 'session killer' but no joy... can anyone suggest a
possible cause? I have contacted the host to see if their CF servers run on
J2EE, which I have read could be a possible cause.
grease Guest
-
close all browser windows?
Does anyone know of any javascript or other method to close all open browser windows? I have an issue where a user logs in to our intranet through... -
Close Browser and Change URL - HELP!
Hi all, Here's my situation: I have a URL with a link that: 1. Opens a new browser window, in which reside an SWF movie. 2. At the end of... -
close my project that is in a browser window (close this window)
How can I do this with a button? What do I have to put into button? -
Browser Close Event
which event is fired when a browser is closed. i want to call asp page which deleet some files on the server. i tired using onunload event but it... -
How to close the browser down ?
Good evening all. I know how to close the browser down when there is no frames involved. I have a frameset aspx page. It has 3 frames, left, main... -
vkunirs #2 Re: SESSION and browser close
can you explain how you are expiring the session when the user closes the brwoser with out logout.
vkunirs Guest
-
ben #3 Re: SESSION and browser close
Even if it did work (how does the server know that the browser was
closed?), the security risk persists. Some people don't close their
browser but surf on to other sites and then leave the browser open to go
for a coffee. How would the server know that the user is doing something
else and therefore the session should be closed?
They only solution I see in this case is to time-out the session after a
certain period of inactivity on the shopping site.
ben
grease wrote:> I have written a shopping cart application which kills all SESSION vars when
> the browser is closed. However, despite it working correctly on my local
> development server, once uploaded to thte live environment, it maintains the
> SESSION which, in a shoppingcart application provides a security risk. I have
> used the tried and tested 'session killer' but no joy... can anyone suggest a
> possible cause? I have contacted the host to see if their CF servers run on
> J2EE, which I have read could be a possible cause.
>ben Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
