[ProgSoc] I am very interested in you!

bangdao hu bangdao.hu at gmail.com
Thu Sep 2 22:24:31 EST 2010


Really thank you guys. Thats really helpful.

On Thu, Sep 2, 2010 at 8:41 PM, Peter Dolkens <peter.dolkens at ddrit.com>wrote:

> http://guides.rubyonrails.org/security.html
>
> <http://guides.rubyonrails.org/security.html>Some of the concepts
> discussed in here should help you.
>
>
> On Wed, Sep 1, 2010 at 12:36 AM, Peter Dolkens <peter.dolkens at ddrit.com>wrote:
>
>> With the token system, there's no need to send an explicit logout
>> instruction, removing the cookie, removes the token, effectively logs you
>> out.
>>
>> Yes you should probably send back "oh hey, this session is over" for
>> security reasons just incase someone tries to steal the cookie, but fact is,
>> the second your cookie's gone, you're not logged in any more.
>>
>>
>> On Mon, Aug 30, 2010 at 6:58 PM, Noah O'Donoghue <
>> noah.odonoghue at gmail.com> wrote:
>>
>>> On Sunday, August 29, 2010, Tomislav Bozic <tomchristmas at progsoc.org>
>>> >When you log out, the session is terminated (by sending an empty
>>> > cookie) and authentication stops.
>>>
>>> Surely you couldn't send a blank cookie or it wouldn't know who to log
>>> out?
>>>
>>> -Noah
>>>
>>> _______________________________________________
>>> Progsoc mailing list
>>> Progsoc at progsoc.org
>>> http://progsoc.org/cgi-bin/mailman/listinfo/progsoc
>>>
>>
>>
>
> _______________________________________________
> Progsoc mailing list
> Progsoc at progsoc.org
> http://progsoc.org/cgi-bin/mailman/listinfo/progsoc
>



-- 
Best regards

Bangdao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://progsoc.org/pipermail/progsoc/attachments/20100902/1e70d9dc/attachment.html>


More information about the Progsoc mailing list