Electronics & Programming

develissimo

Open Source electronics development and programming

  • You are not logged in.

#1 Dec. 3, 2005 22:15:37

Jiri B.
Registered: 2009-11-02
Reputation: +  0  -
Profile   Send e-mail  

Test cookie's age


I don't know if I'm getting it all right... The test cookie's age is
the same as the age of any other cookie.

My application is using views/auth/login.py, SESSION_SAVE_EVERY_REQUEST
= True, and SESSION_COOKIE_AGE = 600.

Let's have the following scenario. A user logs out of the application.
This will bring it to the login screen, with the test cookie posted.
Another user comes in fifteen minutes (the test cookie has expired),
and cannot log in because the computer says,

"Your Web browser doesn't appear to have cookies enabled."

Of course, logging in again right at the moment afterwards puts the
user right through.

I'm trying to say the use case for the test cookie might be different
from the ordinary cookies. What do you think? My question is, can I set
the test cookie's age close to infinity? Won't this pose a security
risk?

TIA,
Jiri

Offline

Board footer

Moderator control

Enjoy the 20th of January
PoweredBy

The Forums are managed by develissimo stuff members, if you find any issues or misplaced content please help us to fix it. Thank you! Tell us via Contact Options
Leave a Message
Welcome to Develissimo Live Support