On Wed November 26 2008, Toshio Kuratomi wrote: > To be easy to code, require the token for every request of an > authenticated user. If I understand your proposal correctly, a user would need to login again for every link he clicks from his bookmarks or any mail he gets from a Fedora webapplication, e.g. packagedb. And with every login a previous session is invalidated, which also includes links in another open browser tab, where the user logged after he clicked the previous link. Regards, Till
Description: This is a digitally signed message part.