[ProgSoc] I am very interested in you!
bangdao.hu at gmail.com
Thu Sep 2 22:24:31 EST 2010
Really thank you guys. Thats really helpful.
On Thu, Sep 2, 2010 at 8:41 PM, Peter Dolkens <peter.dolkens at ddrit.com>wrote:
> <http://guides.rubyonrails.org/security.html>Some of the concepts
> discussed in here should help you.
> On Wed, Sep 1, 2010 at 12:36 AM, Peter Dolkens <peter.dolkens at ddrit.com>wrote:
>> With the token system, there's no need to send an explicit logout
>> instruction, removing the cookie, removes the token, effectively logs you
>> Yes you should probably send back "oh hey, this session is over" for
>> security reasons just incase someone tries to steal the cookie, but fact is,
>> the second your cookie's gone, you're not logged in any more.
>> On Mon, Aug 30, 2010 at 6:58 PM, Noah O'Donoghue <
>> noah.odonoghue at gmail.com> wrote:
>>> On Sunday, August 29, 2010, Tomislav Bozic <tomchristmas at progsoc.org>
>>> >When you log out, the session is terminated (by sending an empty
>>> > cookie) and authentication stops.
>>> Surely you couldn't send a blank cookie or it wouldn't know who to log
>>> Progsoc mailing list
>>> Progsoc at progsoc.org
> Progsoc mailing list
> Progsoc at progsoc.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Progsoc