[Mailman-Developers] Cookies and Authentication redux

[Thomas Wouters]

On Thu, Jul 20, 2000 at 02:07:46PM -0400, Barry A. Warsaw wrote:

> Comments?
> -Barry

Agreed, except on one thing: expiring the cookie. We recently started
testing with a new web-based email package, and it fixes some problems in
that regard. With older/other packages, it's possible, after logging out, to
go 'back' and 'reload' that page, and it'll show the page asif you are
logged in. I'm not sure if that's a browser bug or not, but it certainly
posed problems for us ;)

This new webmail apparently fixes that by overwriting the cookiedata with
empty values, in addition to setting max-age to 0. It works quite well. I
suggest adopting that practice. It shouldn't hurt to, in any case.

-- 
Thomas Wouters <thomas@xs4all.net>

Hi! I'm a .signature virus! copy me into your .signature file to help me spread!