[Catalyst] Announcement - New session plugins
Kiki
kiki at bsdro.org
Tue Nov 8 13:54:25 CET 2005
Yuval Kogman wrote:
> Technically this is problematic: The browser will never notify the
>
>server when the session data expires, causing a storage leak
>(references to the session ID will be lost on browser close, but the
>store can't know that).
>
>Can anybody with more web-smarts than me figure out what is the best
>policy for this?
>
>
How about providing a timeout mechanism (if a session hasn't been
accessed in the last 24h, or whatever timeout you want, it's considered
expired and removed from storage)?
More information about the Catalyst
mailing list