[geeklog-devel] Prototype fix for expiring security tokens

[Dirk Haun]

>Feedback welcome.

Anyone?

The code is now in our Mercurial repository. I've managed to make things
fully transparent, including file uploads. As an added bonus, using the
browser's back button will now also work with forms that have an
embedded token - you will simply be asked to authenticate when you go
back and send the form again.

Pretty much the only requirement is that you use SEC_checkToken()
correctly, i.e. really only call it when you need to check for a token.

See <http://wiki.geeklog.net/index.php/Re-
Authentication_for_expired_Tokens> for more information.

bye, Dirk


-- 
http://www.geeklog.net/
http://geeklog.info/