Re: Re: How can you tell if cookies are disabled?


good chemistry is complicated, and a little bit messy -LW
	PerlMonks

Re: Re: How can you tell if cookies are disabled?

by vagnerr (Prior)

on Mar 28, 2002 at 12:18 UTC ( [id://154934]=note: print w/replies, xml )

Need Help??

in reply to Re: How can you tell if cookies are disabled?
in thread How can you tell if cookies are disabled?

Quote from article:
The wrong way to use cookies, therefore, is to have a login form, and on successful login, send out a cookie that lasts until year 2003 to that browser. That's bad. I can't login on another browser, and if I forget to logout of a browser at an ``internet cafe'', the next user who stumbles across the same website is (gasp!) already logged in as me!

Erm like Perlmonks does :-}
What we have here of course is a trade off between security and usability. The most secure access is lock the machine in a safe, and bury it in concrete, but thats not very usable. Whilst semi-permanent cookies for login control are less secure in the arena of something like perlmonks its less of an issue than say your online internet bank account :)

---If it doesn't fit use a bigger hammer

Comment on Re: Re: How can you tell if cookies are disabled?

Replies are listed 'Best First'.

Re: Re: Re: How can you tell if cookies are disabled?
by IlyaM (Parson) on Mar 28, 2002 at 12:50 UTC

I think it is quite reasonable approach. I have this checkbox checked when I visit perlmonks from home and I don't check it when I visit perlmonks from other places.

--
Ilya Martynov (http://martynov.org/)

[reply]

In Section Seekers of Perl Wisdom