- From: Ian Hickson <ian@hixie.ch>
- Date: Fri, 12 Dec 2008 23:11:55 +0000 (UTC)
On Fri, 12 Dec 2008, Bil Corry wrote: > > > > Why do session cookies not address this already? > > They do to some extent. You can choose to make the session life > shorter, increasing security but potentially logging the user out before > they're ready OR you can choose to make the session life longer, > decreasing security but allowing the user more time. I don't mean short cookie times, I mean literally session cookies, that expire at the end of the session. sessionStorage (from HTML5) might also help with this; it's limited to the lifetime of the tab that it was used in. > Or maybe it'd be better if non-persistent cookies are removed once the > user no longer has an open tab to the site, instead of using a > JavaScript-based solution. This could be done now; I recommend bringing this up with browser vendors as a feature request. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Friday, 12 December 2008 15:11:55 UTC