[Zope] why two session identifiers?
Dieter Maurer
dieter@handshake.de
Tue, 6 Aug 2002 19:56:59 +0200
Chris McDonough writes:
> ...
> However, a browser id can last for almost as long as you want. For
> example, if you use cookies, you could have the sessioning machinery
> cookie timeout set to 2038 or something, and assuming the user never
> clears his cookies, and uses the same machine until 2038, he will
> always have the same browser id.
Small note: when I get a cookie with such a lifespan and I do not really
trust the site, then it will be the last cookie that I get from this site.
Thus, use lifespans for cookies your users can understand...
Dieter