[geeklog-devel] [geeklog-cvs] geeklog: Experimental: Give the user an idea how long they have ...
Chris 'Chipper' Chiapusio
chipper at llamas.net
Fri Oct 30 09:49:54 EDT 2009
On Thu, Oct 29, 2009 at 06:35:41PM +0100, Dirk Haun wrote:
>>url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/
>37fcd14cdee2
>
>>description:
>>Experimental: Give the user an idea how long they have until the
>>security token expires
>
>So Tony and myself were discussing CSRF and the dreaded usage problems
>they cause when trying to make things secure. This was one idea we had.
>
>I'd consider this an intermediate step until we get around to
>overhauling the editors. But it will at least prevent some nasty
>surprises (I would hope).
>
>What does everybody think? Also, how's that message?
>
>>+ 91 => 'You have until %s to make changes. After that time, the
>>security token embedded into this page will expire and you will lose
>>your changes. You can always hit "Preview" to extend the expiry time.'
>
>This would need some adjustment for forms without a preview option, of
>course. I was thinking of adding such a message to all the editors for 1.6.1.
>
>bye, Dirk
>
Can you display the countdown timer somehow?
Chip
--
------
**** Warning ****
This e-mail message, without warrant or warning, and despite US law as set
forth in the Foreign Intelligence Surveillance Act of 1978, may be subject
to monitoring by the United States National Security Agency and/or the
Department of Defense. Information contained in this message may be used
against any senders or recipients, now or in the future, in a public trial
or secret tribunal.
Please encrypt anything important.
PGP Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x6CFA486D
More information about the geeklog-devel
mailing list