[thelist] Two or more sessions on same pc (coldfusion)
Raymond Camden
jedimaster at macromedia.com
Tue Oct 2 09:50:49 CDT 2001
>
> When a user first comes to the site we set up their
> session (login authentication etc), the cookie 'passes' each
> request with the cfid and cftoken but this seems to be the
> same on any number of sessions (browser window launches) on the
> same PC (thus killing a session in one window kills both of
> them). Looks like this is a limitation of using cookies.
This isn't a limitation per se, it's just how cookies work. They are
unique per machine, not browser instance. At least as far as I know.
> I was thinking of manually tracking the cfid/cftoken pair
> via urls/form submissions but this will open up
> security issues (and if people open new windows from the
> original window (like right-clicking/open) it will retain the
> original cfid/cftoken pair.
Well, then you are stuck. You either use cookies, or URL params. Each
has it's.... "issues." ;) I'd use URL params and just deal with the fact
that people can copy the URL.
-RC
More information about the thelist
mailing list