Forum OpenACS Development: Re: Logout on browser close, missing important feature!

Collapse
Posted by Gustaf Neumann on
The following patches from March this year (in cvs head) made session cookies true session cookies (they are deleted on a browser close) and they avoid session hijacking

http://fisheye.openacs.org/changelog/OpenACS/openacs-4/packages/acs-tcl/tcl?cs=MAIN%3Agustafn%3A20100315001053
http://fisheye.openacs.org/changelog/OpenACS/openacs-4/packages/acs-tcl/tcl?cs=MAIN%3Agustafn%3A20100315000900