In cherrypy is there a configuration option so that sessions do not have a "timeout", or if they do, expire immediately when the browser is closed? Right now tools.sessions.on is true and tools.sessions.timeout is 60 minutes.
Asked
Active
Viewed 510 times
2 Answers
0
You can't be completely sure about any option, but this are some possibilities.
Listen for an beforeunload event, and make a final request to the server to invalidate the session.
Have a very short expiration time on the sessions and a recurrent call to the server via ajax just to keep alive the session while the page is alive. This could cost you a LOT of requests, but will invalidate the session when the user closes the webpage.
Pass your state via POST requests, but that is a bad idea a painful one that is usually used on the bank pages.
There is more information related on the docs here and here.
