|
Web Application Security
Is logoff feature necessary May 02 2006 07:41AM test future gmail com (14 replies) Re: Is logoff feature necessary May 02 2006 08:06PM Robert Hajime Lanning (robert lanning gmail com) RE: Is logoff feature necessary May 02 2006 12:40PM Rod Divilbiss (rod rodsdot com) (1 replies) RE: Is logoff feature necessary May 03 2006 10:59AM Auri Rahimzadeh (auri auri net) (2 replies) Administrivia: Is logoff feature necessary May 03 2006 12:53PM Andrew van der Stock (vanderaj greebo net) Re: Is logoff feature necessary May 02 2006 09:32AM Luciano Miguel Ferreira Rocha (strange nsk no-ip org) |
|
|
Privacy Statement |
and re-opening the browser, so I would argue that a logoff function is
critical. I really dislike secure systems that don't have them as I feel
that I should be allowed the preference of deciding when I want to end my
session, and should have the security of knowing that my session has been
ended.
Peace,
wa0qmj
-----Original Message-----
From: test.future (at) gmail (dot) com [email concealed] [mailto:test.future (at) gmail (dot) com [email concealed]]
Sent: Tuesday, May 02, 2006 3:41 AM
To: webappsec (at) securityfocus (dot) com [email concealed]
Subject: Is logoff feature necessary
We have a web applicaiton which do not have logoff button. The developer
claims that it is unnecessary, since the session can be terminated by
closing the browser. Is it correct? Thanks.
------------------------------------------------------------------------
-
Sponsored by: Watchfire
The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online
despite security executives' efforts to prevent malicious attacks. This
whitepaper identifies the most common methods of attacks that we have seen,
and outlines a guideline for developing secure web applications.
Download this whitepaper today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701300000007t9r
------------------------------------------------------------------------
--
[ reply ]