Authentication cookie

A

Arne Garvander

I log in to my favorite site. I get an authentication cookie. I get
redirected to the default page.
I leave my site without loggin out. I got to some other website.
I go back to my favorite site's default page within 20 minutes.
My authentication cookie is still there and I can go right in!
My favourite bank site has the same problem.
 
J

Joe Kaplan

Why do you believe this is a problem? It sounds like you are seeing the
expected behavior of a session cookie in a web browser. They are held in
memory and are sent back to the site that issued them, depending the
parameters sent in the Set-Cookie header and the browser's security
settings.

The reason why many sites have a logout function is to clear the data in
that cookie so that it does not authenticate the user anymore. If you don't
execute the request that results in the cookie being changed, it will not be
changed.

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,906
Latest member
SkinfixSkintag

Latest Threads

Top