[geeklog-devel] Prototype fix for expiring security tokens

Tom websitemaster at cogeco.net
Wed Dec 30 09:14:04 EST 2009

This will be a welcome addition. I have lost more than a few stories by not
realizing my token had expired.


-----Original Message-----
From: geeklog-devel-bounces at lists.geeklog.net
[mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Dirk Haun
Sent: December-30-09 5:05 AM
To: geeklog-devel
Subject: Re: [geeklog-devel] Prototype fix for expiring security tokens

>Feedback welcome.


The code is now in our Mercurial repository. I've managed to make things
fully transparent, including file uploads. As an added bonus, using the
browser's back button will now also work with forms that have an
embedded token - you will simply be asked to authenticate when you go
back and send the form again.

Pretty much the only requirement is that you use SEC_checkToken()
correctly, i.e. really only call it when you need to check for a token.

See <http://wiki.geeklog.net/index.php/Re-
Authentication_for_expired_Tokens> for more information.

bye, Dirk


geeklog-devel mailing list
geeklog-devel at lists.geeklog.net

__________ Information from ESET NOD32 Antivirus, version of virus signature
database 4729 (20091230) __________

The message was checked by ESET NOD32 Antivirus.


More information about the geeklog-devel mailing list